CVE-2016-4394

6.5MEDIUM

Key Information:

Vendor: HP
Status: HP System Management Homepage Before V7.6
Vendor: CVE Published:; 28 October 2016

Summary

HPE System Management Homepage before v7.6 allows remote attackers to obtain sensitive information via unspecified vectors, related to an "HSTS" issue.

Affected Version(s)

HPE System Management Homepage before v7.6 HPE System Management Homepage before v7.6

References

http://www.securityfocus.com/bid/93961

vdb-entryx_refsource_BID

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/do...

x_refsource_CONFIRM

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 28, 2016
Vulnerability Reserved
Apr 29, 2016