CVE-2016-1999

Loading...

General

Score:10.0/10.0
Severity:High
Category:Access Control Error

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 30/05/16 - Updated on 01/12/16

Description

The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

Category: Access Control Error

CWE-284 (Improper Access Control)
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Security Notices

US National Vulnerability DatabaseCVE-2016-1999

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
hprelease_control

Share this vulnerability with:

Twitter Facebook LinkedIn Mail