← Back

CVE-2016-8511

nvd nist
Published: Feb 15, 2018Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found.

Affected (12)

Hp
1 product
Network Automation
Configuration A
12 vulnerable
Vulnerable SoftwareAffected Versions
Hp
Network Automation
Version 10.00.01
Network Automation
Version 10.00.02
Network Automation
Version 10.00
Network Automation
Version 10.10
Network Automation
Version 10.11.01
Network Automation
Version 10.11
Network Automation
Version 10.20
Network Automation
Version 9.10
Network Automation
Version 9.20
Network Automation
Version 9.22.01
Network Automation
Version 9.22.02
Network Automation
Version 9.22

Related CWEs

CWE-502
Deserialization of Untrusted Data
The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References (6)

Source: security-alert@hpe.com
Third Party AdvisoryVDB Entry
Source: security-alert@hpe.com
Vendor Advisory
Source: security-alert@hpe.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.