vulnerability

HP System Management Homepage - HPSBMU03653 (CVE-2016-4393): Remote Arbitrary Code Execution, Cross-Site Scripting (XSS), Denial of Service (DoS), Unauthorized Disclosure of Information

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:S/C:N/I:P/A:N)	Oct 26, 2016	Oct 27, 2016	May 3, 2019

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Published

Oct 26, 2016

Added

Oct 27, 2016

Modified

May 3, 2019

Description

HPE System Management Homepage before v7.6 allows "remote authenticated" attackers to obtain sensitive information via unspecified vectors, related to an "XSS" issue.

Solution

hp-system-management-homepage-update-latest

References

BID-93961
NVD-CVE-2016-4393

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report