Remote User Validation Flaw in HPE Performance Center
CVE-2016-4382

8.3HIGH

Key Information:

Vendor
HP
Status
Performance Center
Vendor
CVE Published:
21 September 2016

Summary

HPE Performance Center allows remote attackers to bypass access restrictions, posing a risk of unauthorized access. This vulnerability arises from a failure in remote user validation, potentially exposing sensitive data and functionality to malicious actors. Ensuring proper access control measures is critical to safeguarding the integrity of the platform.

References

http://www.securitytracker.com/id/1036770
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/92915
vdb-entryx_refsource_BID
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/do...
x_refsource_CONFIRM

CVSS V3.1

Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.