CVE-2016-4377

HPE Smart Update in Storage Sizing Tool before 13.0, Converged Infrastructure Solution Sizer Suite (CISSS) before 2.13.1, Power Advisor before 7.8.2, Insight Management Sizer before 16.12.1, Synergy Planning Tool before 3.3, SAP Sizing Tool before 16.12.1, Sizing Tool for SAP Business Suite powered by HANA before 16.11.1, Sizer for ConvergedSystems Virtualization before 16.7.1, Sizer for Microsoft Exchange Server before 16.12.1, Sizer for Microsoft Lync Server 2013 before 16.12.1, Sizer for Microsoft SharePoint 2013 before 16.13.1, Sizer for Microsoft SharePoint 2010 before 16.11.1, and Sizer for Microsoft Skype for Business Server 2015 before 16.5.1 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS v3 8.1 HIGH
CVSS v2.0 7.6 HIGH

8.1^/10

CVSS v3 : HIGH

V3 Legend

Vector : AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.6^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 4.9 / Impact : 10.0

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.securityfocus.com/bid/92479
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05237578	Mitigation Vendor Advisory
http://www.securityfocus.com/bid/92479
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05237578	Mitigation Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:hp:converged_infrastructure_solution_sizer_suite::::::::
	cpe:2.3:a:hp:insight_management_sizer::::::::
	cpe:2.3:a:hp:power_advisor::::::::
	cpe:2.3:a:hp:sap_sizing_tool::::::::
	cpe:2.3:a:hp:sizer_for_converged_systems_virtualization::::::::
	cpe:2.3:a:hp:sizer_for_microsoft_exchange_server_2010::::::::
	cpe:2.3:a:hp:sizer_for_microsoft_exchange_server_2013::::::::
	cpe:2.3:a:hp:sizer_for_microsoft_exchange_server_2016::::::::
	cpe:2.3:a:hp:sizer_for_microsoft_lync_server_2013::::::::
	cpe:2.3:a:hp:sizer_for_microsoft_sharepoint_2010::::::::
	cpe:2.3:a:hp:sizer_for_microsoft_sharepoint_2013::::::::
	cpe:2.3:a:hp:sizer_for_microsoft_skype_for_business_server_2015::::::::
	cpe:2.3:a:hp:sizing_tool_for_sap_business_suite_powered_by_hana::::::::
	cpe:2.3:a:hp:storage_sizing_tool::::::::
	cpe:2.3:a:hp:synergy_planning_tool::::::::

History

21 Nov 2024, 02:51

Type	Values Removed	Values Added
References	~~() http://www.securityfocus.com/bid/92479 -~~	() http://www.securityfocus.com/bid/92479 -
References	~~() https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05237578 - Mitigation, Vendor Advisory~~	() https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05237578 - Mitigation, Vendor Advisory

Information

Published : 2016-08-22 10:59

Updated : 2024-11-21 02:51

NVD link : CVE-2016-4377

Mitre link : CVE-2016-4377

CVE.ORG link : CVE-2016-4377

JSON object : View

Products Affected

sizer_for_microsoft_sharepoint_2013
sap_sizing_tool
insight_management_sizer
power_advisor
converged_infrastructure_solution_sizer_suite
sizer_for_microsoft_lync_server_2013
sizer_for_converged_systems_virtualization
sizer_for_microsoft_exchange_server_2016
sizing_tool_for_sap_business_suite_powered_by_hana
synergy_planning_tool
storage_sizing_tool
sizer_for_microsoft_exchange_server_2013
sizer_for_microsoft_skype_for_business_server_2015
sizer_for_microsoft_exchange_server_2010
sizer_for_microsoft_sharepoint_2010

CWE

NVD-CWE-noinfo

8.1 /10