Remote Code Execution Vulnerability in HPE KeyView Products
CVE-2016-4389

8.1HIGH

Key Information:

Vendor
HP
Status
Keyview
Vendor
CVE Published:
5 October 2016

Summary

The Filter SDK in HPE KeyView versions 10.18 to 10.24 is susceptible to a security flaw that enables remote attackers to execute arbitrary code through unspecified vectors. This vulnerability poses significant risks, as it allows unauthorized users to leverage the system in harmful ways, potentially leading to data breaches or system compromise. It is essential for users of affected versions to apply security updates and patches to mitigate the risks associated with this vulnerability.

References

http://www.securitytracker.com/id/1036935
vdb-entryx_refsource_SECTRACK
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/do...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/93424
vdb-entryx_refsource_BID

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.