Remote Code Execution Vulnerability in HPE KeyView
CVE-2016-4387

8.1HIGH

Key Information:

Vendor

HP
Status
Keyview
Vendor
CVE Published:
5 October 2016

What is CVE-2016-4387?

The Filter SDK present in versions 10.18 through 10.24 of HPE KeyView is susceptible to a vulnerability that enables remote attackers to execute arbitrary code. Attackers can exploit this flaw through various unspecified vectors, potentially compromising systems that utilize this software. It’s crucial for organizations using affected versions to apply mitigations as soon as possible to safeguard their environments.

References

http://www.securitytracker.com/id/1036935
vdb-entryx_refsource_SECTRACK
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/do...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/93424
vdb-entryx_refsource_BID

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2016-4387 : Remote Code Execution Vulnerability in HPE KeyView