CVE-2016-4369

Properties

Published:
07.06.2016
Updated:
11.06.2016
Patch available:
Severity:
Medium
CVSS vector:
(AV:N/AC:L/Au:S/C:P/I:P/A:P)
Product:
hp: discovery_and_dependency_mapping_inventory
hp: discovery_and_dependency_mapping_inventory
hp: discovery_and_dependency_mapping_inventory

Vulnerability description

HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

References:

CONFIRM:https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05164819