Remote Command Execution Vulnerability in HPE Universal CMDB and Related Products
CVE-2016-4368
9.8CRITICAL
What is CVE-2016-4368?
Hewlett Packard Enterprise's Universal CMDB and its associated configuration and discovery tools are susceptible to a vulnerability that allows remote attackers to execute arbitrary commands. This occurs through the deserialization of crafted Java objects that impact the Apache Commons Collections library. The flaw is present in versions ranging from 10.0 to 10.21, making it critical for users to ensure their installations are updated and secured against potential remote exploits.