CVE-2016-2025

{"id": "CVE-2016-2025", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2016-05-30T01:59:03.690", "references": [{"url": "http://www.securitytracker.com/id/1035954", "source": "cve@mitre.org"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149290", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1035954", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149290", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Catalog, and Mobility components."}, {"lang": "es", "value": "HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40 y 9.41 permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados, relacionado con los componentes Web Client, Service Request Catalog y Mobility."}], "lastModified": "2024-11-21T02:47:38.197", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:service_manager:9.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F32B79D7-0C89-475B-B714-3CB1D7064491"}, {"criteria": "cpe:2.3:a:hp:service_manager:9.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3065EC7-1FE4-4715-BF04-09D7CB7F9C8A"}, {"criteria": "cpe:2.3:a:hp:service_manager:9.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05C97132-741B-4EA8-9023-CAD01A7651EF"}, {"criteria": "cpe:2.3:a:hp:service_manager:9.33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDE568ED-E354-4943-987E-35A796DCE0D0"}, {"criteria": "cpe:2.3:a:hp:service_manager:9.34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AFCACDA-F200-4CA8-934A-DA8C89B7B4DF"}, {"criteria": "cpe:2.3:a:hp:service_manager:9.35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB8AEB78-8437-4A12-BE8E-4876BB84D13C"}, {"criteria": "cpe:2.3:a:hp:service_manager:9.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32058060-DE9B-41DB-8DEF-871ED464FECB"}, {"criteria": "cpe:2.3:a:hp:service_manager:9.41:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D9E9027-0259-4DFD-8621-2AE778EE1ABD"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}