Local Code Execution Vulnerability in HP Network Node Manager i Software
CVE-2016-4397

7.8HIGH

Key Information:

Vendor

HP
Status
HP Network Node Manager (nnmi)
Vendor
CVE Published:
6 August 2018

What is CVE-2016-4397?

A local code execution vulnerability was discovered in HP Network Node Manager i (NNMi) affecting versions 10.00, 10.10, and 10.20. This flaw potentially allows unauthorized users to execute arbitrary code within the context of the affected system. Users are advised to apply patches and updates from HP to mitigate the risk associated with this vulnerability.

Affected Version(s)

HP Network Node Manager (NNMi) v10.00, v10.10 and v10.20

References

http://www.securitytracker.com/id/1037234
vdb-entryx_refsource_SECTRACK
https://support.hpe.com/hpsc/doc/public/display?docLocale...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/94154
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.