CVE-2016-4393

5.4MEDIUM

Key Information:

Vendor: HP
Status: HP System Management Homepage Before V7.6
Vendor: CVE Published:; 28 October 2016

Summary

HPE System Management Homepage before v7.6 allows "remote authenticated" attackers to obtain sensitive information via unspecified vectors, related to an "XSS" issue.

Affected Version(s)

HPE System Management Homepage before v7.6 HPE System Management Homepage before v7.6

References

http://www.securityfocus.com/bid/93961

vdb-entryx_refsource_BID

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/do...

x_refsource_CONFIRM

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Oct 28, 2016
Vulnerability Reserved
Apr 29, 2016