CVE-2016-4378

{"id": "CVE-2016-4378", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2016-08-26T19:59:07.883", "references": [{"url": "http://www.securityfocus.com/bid/92649", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1036686", "source": "cve@mitre.org"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05241355", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/92649", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1036686", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05241355", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Edition Software before 8.4.1-00 and XP7 Command View Advanced Edition Suite before 8.4.1-00 allow remote attackers to obtain sensitive information via unspecified vectors."}, {"lang": "es", "value": "Los componentes (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor y (5) Hitachi Automation Director (HAD) en HPE XP P9000 Command View Advanced Edition Software en versiones anteriores a 8.4.1-00 y XP7 Command View Advanced Edition Suite en versiones anteriores a 8.4.1-00 permiten a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados."}], "lastModified": "2024-11-21T02:51:59.250", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:xp_9000_command_view:*:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "8D76CD38-8A93-4753-A5D4-292EB9EBAEC1", "versionEndIncluding": "8.4.0"}, {"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "C1CDF5F5-AF4F-4C5C-B0A1-A57A49700C38", "versionEndIncluding": "8.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}