Access Control Bypass in HPE XP7 Command View by HPE
CVE-2016-4381

4.5MEDIUM

Key Information:

Vendor

HP
Status
Xp7 Command View
Vendor
CVE Published:
8 September 2016

What is CVE-2016-4381?

HPE XP7 Command View Advanced Edition, specifically versions 6.x through 8.x before 8.4.1-02, has a vulnerability that allows local users to bypass established access restrictions when the Replication Manager and Device Manager features are enabled. This can lead to unauthorized access to sensitive configurations and system controls, potentially compromising data integrity and availability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/do...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/92733
vdb-entryx_refsource_BID

CVSS V3.1

Score:
4.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.