Remote Command Execution in HP Network Automation Software
CVE-2016-4385

7.3HIGH

Key Information:

Vendor

HP
Status
Network Automation
Vendor
CVE Published:
29 September 2016

What is CVE-2016-4385?

The RMI service in HP Network Automation Software versions 9.1x, 9.2x, and specific 10.x versions is vulnerable to remote command execution. This vulnerability stems from an insecure deserialization of crafted serialized Java objects, which can be exploited by attackers to execute arbitrary commands. The issue relates to weaknesses in the Apache Commons Collections and Commons BeanUtils libraries, potentially compromising system integrity and security.

References

https://h20566.www2.hpe.com/hpsc/doc/public/display?docId...
x_refsource_CONFIRM
http://www.zerodayinitiative.com/advisories/ZDI-16-523/
x_refsource_MISC
https://www.tenable.com/security/research/tra-2016-27
x_refsource_MISC

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2016-4385 : Remote Command Execution in HP Network Automation Software