var-201608-0291
Vulnerability from variot
The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Edition Software before 8.4.1-00 and XP7 Command View Advanced Edition Suite before 8.4.1-00 allow remote attackers to obtain sensitive information via unspecified vectors. Multiple HP Products are prone to a remote information-disclosure vulnerability. Remote attackers can exploit this issue to obtain sensitive information that may lead to further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201608-0291",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "xp7 command view",
"scope": "lte",
"trust": 1.0,
"vendor": "hp",
"version": "8.4.0"
},
{
"model": "xp 9000 command view",
"scope": "lte",
"trust": 1.0,
"vendor": "hp",
"version": "8.4.0"
},
{
"model": "hpe xp p9000 command view",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "advanced edition software 8.4.1-00"
},
{
"model": "hpe xp7 command view advanced edition suite",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "8.4.1-00"
},
{
"model": "xp7 command view",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "8.4.0"
},
{
"model": "xp 9000 command view",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "8.4.0"
},
{
"model": "xp7 command view advanced edition suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.4.0-00"
},
{
"model": "xp7 command view advanced edition suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0.0-02"
},
{
"model": "xp p9000 command view advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.4.0-00"
},
{
"model": "xp p9000 command view advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0-02"
},
{
"model": "xp p9000 command view advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.0-00"
},
{
"model": "xp p9000 command view advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.1-00"
},
{
"model": "xp p9000 command view advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4.0-00"
},
{
"model": "xp p9000 command view advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1-00"
},
{
"model": "xp p9000 command view advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0.0-02"
},
{
"model": "xp p9000 command view advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0.0-00"
},
{
"model": "xp7 command view advanced edition suite",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8.4.1-00"
},
{
"model": "xp p9000 tiered storage manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8.4.1-00"
},
{
"model": "xp p9000 replication manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8.4.1-00"
},
{
"model": "xp p9000 command view advanced edition",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8.4.1-00"
}
],
"sources": [
{
"db": "BID",
"id": "92649"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004477"
},
{
"db": "NVD",
"id": "CVE-2016-4378"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-467"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hp:xp_9000_command_view:*:*:*:*:advanced:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.4.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4378"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "92649"
}
],
"trust": 0.3
},
"cve": "CVE-2016-4378",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-4378",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-4378",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-4378",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201608-467",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004477"
},
{
"db": "NVD",
"id": "CVE-2016-4378"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-467"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Edition Software before 8.4.1-00 and XP7 Command View Advanced Edition Suite before 8.4.1-00 allow remote attackers to obtain sensitive information via unspecified vectors. Multiple HP Products are prone to a remote information-disclosure vulnerability. \nRemote attackers can exploit this issue to obtain sensitive information that may lead to further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4378"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004477"
},
{
"db": "BID",
"id": "92649"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4378",
"trust": 2.7
},
{
"db": "BID",
"id": "92649",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1036686",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004477",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201608-467",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "92649"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004477"
},
{
"db": "NVD",
"id": "CVE-2016-4378"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-467"
}
]
},
"id": "VAR-201608-0291",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23809524
},
"last_update_date": "2023-12-18T13:48:46.970000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBST03636",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05241355"
},
{
"title": "HPE XP P9000 Command View Advanced Edition and XP7 Command View Advanced Edition Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=63790"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004477"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-467"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004477"
},
{
"db": "NVD",
"id": "CVE-2016-4378"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/92649"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05241355"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1036686"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4378"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4378"
},
{
"trust": 0.3,
"url": "http://www.hp.com/"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05241355"
}
],
"sources": [
{
"db": "BID",
"id": "92649"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004477"
},
{
"db": "NVD",
"id": "CVE-2016-4378"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-467"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "92649"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004477"
},
{
"db": "NVD",
"id": "CVE-2016-4378"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-467"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-25T00:00:00",
"db": "BID",
"id": "92649"
},
{
"date": "2016-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004477"
},
{
"date": "2016-08-26T19:59:07.883000",
"db": "NVD",
"id": "CVE-2016-4378"
},
{
"date": "2016-08-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-467"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-25T00:00:00",
"db": "BID",
"id": "92649"
},
{
"date": "2016-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004477"
},
{
"date": "2016-11-28T20:17:41.397000",
"db": "NVD",
"id": "CVE-2016-4378"
},
{
"date": "2016-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-467"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-467"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HPE XP P9000 CVAE Software and XP7 CVAE Suite Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004477"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-467"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.