Lucene search

[email protected]NVD:CVE-2016-2016

HistoryMay 14, 2016 - 3:59 p.m.

CVE-2016-2016

2016-05-1415:59:05

CWE-284

[email protected]

web.nvd.nist.gov

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1 mishandles ACL inheritance for default:class: entries, default:other: entries, and default:user: entries, which allows local users to bypass intended access restrictions by leveraging the configuration of a parent directory.

Affected configurations

Nvd

Node

hphp-uxMatch11.11iv3

AND

hpbase-vxfs-50Matchb.05.00.01

hpbase-vxfs-50Matchb.05.00.02

hpbase-vxfs-501Matchb.05.01.0

hpbase-vxfs-501Matchb.05.01.01

hpbase-vxfs-501Matchb.05.01.03

hpbase-vxfs-51Matchb.05.10.00

hpbase-vxfs-51Matchb.05.10.02

VendorProductVersionCPE
hphp-ux11.11icpe:2.3:o:hp:hp-ux:11.11i:v3:*:*:*:*:*:*
hpbase-vxfs-50b.05.00.01cpe:2.3:a:hp:base-vxfs-50:b.05.00.01:*:*:*:*:*:*:*
hpbase-vxfs-50b.05.00.02cpe:2.3:a:hp:base-vxfs-50:b.05.00.02:*:*:*:*:*:*:*
hpbase-vxfs-501b.05.01.0cpe:2.3:a:hp:base-vxfs-501:b.05.01.0:*:*:*:*:*:*:*
hpbase-vxfs-501b.05.01.01cpe:2.3:a:hp:base-vxfs-501:b.05.01.01:*:*:*:*:*:*:*
hpbase-vxfs-501b.05.01.03cpe:2.3:a:hp:base-vxfs-501:b.05.01.03:*:*:*:*:*:*:*
hpbase-vxfs-51b.05.10.00cpe:2.3:a:hp:base-vxfs-51:b.05.10.00:*:*:*:*:*:*:*
hpbase-vxfs-51b.05.10.02cpe:2.3:a:hp:base-vxfs-51:b.05.10.02:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	hp-ux	11.11i	cpe:2.3:o:hp:hp-ux:11.11i:v3::::::
hp	base-vxfs-50	b.05.00.01	cpe:2.3:a:hp:base-vxfs-50:b.05.00.01:::::::*
hp	base-vxfs-50	b.05.00.02	cpe:2.3:a:hp:base-vxfs-50:b.05.00.02:::::::*
hp	base-vxfs-501	b.05.01.0	cpe:2.3:a:hp:base-vxfs-501:b.05.01.0:::::::*
hp	base-vxfs-501	b.05.01.01	cpe:2.3:a:hp:base-vxfs-501:b.05.01.01:::::::*
hp	base-vxfs-501	b.05.01.03	cpe:2.3:a:hp:base-vxfs-501:b.05.01.03:::::::*
hp	base-vxfs-51	b.05.10.00	cpe:2.3:a:hp:base-vxfs-51:b.05.10.00:::::::*
hp	base-vxfs-51	b.05.10.02	cpe:2.3:a:hp:base-vxfs-51:b.05.10.02:::::::*

References

www.securitytracker.com/id/1035816

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05121749

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2016-2016

cvelist1 cve1 prion1