CVE-2016-8529

{"id": "CVE-2016-8529", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:C", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 8.5, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.6, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 4.7, "exploitabilityScore": 2.8}]}, "published": "2018-02-15T22:29:01.170", "references": [{"url": "http://www.securityfocus.com/bid/95970", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security-alert@hpe.com"}, {"url": "http://www.securitytracker.com/id/1037762", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security-alert@hpe.com"}, {"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382958", "tags": ["Vendor Advisory"], "source": "security-alert@hpe.com"}, {"url": "http://www.securityfocus.com/bid/95970", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1037762", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382958", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "A Remote Arbitrary Command Execution vulnerability in HPE StoreVirtual 4000 Storage and StoreVirtual VSA Software running LeftHand OS version v12.5 and earlier was found. The problem was resolved in LeftHand OS v12.6 or any subsequent version."}, {"lang": "es", "value": "Se ha encontrado una vulnerabilidad de ejecuci\u00f3n remota de comandos arbitrarios en HPE StoreVirtual 4000 Storage y StoreVirtual VSA Software que ejecutan LeftHand OS en versiones v12.5 y anteriores. El problema se ha resuelto en LeftHand OS v12.6 o en versiones posteriores."}], "lastModified": "2024-11-21T02:59:33.140", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:lefthand:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "893DFCFB-C2A2-4346-B2A5-14E4CC5FA910", "versionEndIncluding": "12.5"}], "operator": "OR"}]}], "sourceIdentifier": "security-alert@hpe.com"}