CVE-2016-4394

Опубликовано: 28 окт. 2016

Источник: nvd

CVSS3: 6.5

CVSS2: 5.8

EPSS Низкий

Описание

HPE System Management Homepage before v7.6 allows remote attackers to obtain sensitive information via unspecified vectors, related to an "HSTS" issue.

Ссылки

http://www.securityfocus.com/bid/93961
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149
Vendor Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
http://www.securityfocus.com/bid/93961
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149
Vendor Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*

Версия до 7.5.5.0 (включая)

EPSS

Процентиль: 65%

0.00485

Низкий

6.5 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-254

Связанные уязвимости

GHSA-jrxr-w99j-7ghc