CVE-2016-8529 Information

Description

A Remote Arbitrary Command Execution vulnerability in HPE StoreVirtual 4000 Storage and StoreVirtual VSA Software running LeftHand OS version v12.5 and earlier was found. The problem was resolved in LeftHand OS v12.6 or any subsequent version.

CVSS Vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Reference

http://www.securityfocus.com/bid/95970 http://www.securitytracker.com/id/1037762 https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382958

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

HIGH

Base Severity

7.6