CVE-2016-4405

Опубликовано: 06 авг. 2018

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Средний

Описание

A remote code execution vulnerability was identified in HP Business Service Management (BSM) using Apache Commons Collection Java Deserialization versions v9.20-v9.26

Ссылки

http://www.securityfocus.com/bid/94183
Third Party Advisory
VDB Entry
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05327447
Vendor Advisory
http://www.securityfocus.com/bid/94183
Third Party Advisory
VDB Entry
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05327447
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hp:business_service_management:*:*:*:*:*:*:*:*

Версия от 9.20 (включая) до 9.26 (включая)

EPSS

Процентиль: 95%

0.16011

Средний

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-502

Связанные уязвимости

GHSA-7933-ccm5-83cf