CVE-2016-4377

high HPE
CVSS v3 Base Score
8.1
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
16.9%
Exploitation probability in 30 days
Top 5% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Confidentiality
High
Integrity
High
Availability
High
Published: August 22, 2016 (3553 days ago)
Last Modified: May 6, 2026
Vendor: HPE
Source: NVD

Description

HPE Smart Update in Storage Sizing Tool before 13.0, Converged Infrastructure Solution Sizer Suite (CISSS) before 2.13.1, Power Advisor before 7.8.2, Insight Management Sizer before 16.12.1, Synergy Planning Tool before 3.3, SAP Sizing Tool before 16.12.1, Sizing Tool for SAP Business Suite powered by HANA before 16.11.1, Sizer for ConvergedSystems Virtualization before 16.7.1, Sizer for Microsoft Exchange Server before 16.12.1, Sizer for Microsoft Lync Server 2013 before 16.12.1, Sizer for Microsoft SharePoint 2013 before 16.13.1, Sizer for Microsoft SharePoint 2010 before 16.11.1, and Sizer for Microsoft Skype for Business Server 2015 before 16.5.1 allows remote attackers to execute arbitrary code via unspecified vectors.

CWE

NVD-CWE-noinfo

Affected Products

hp converged infrastructure solution sizer suitehp insight management sizerhp power advisorhp sap sizing toolhp sizer for converged systems virtualizationhp sizer for microsoft exchange server 2010hp sizer for microsoft exchange server 2013hp sizer for microsoft exchange server 2016hp sizer for microsoft lync server 2013hp sizer for microsoft sharepoint 2010

References

🔗 www.securityfocus.com 🔗 h20566.www2.hpe.com 🔗 www.securityfocus.com 🔗 h20566.www2.hpe.com