Back
CVE-2016-1988
CRITICAL
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1989.
Published: Mar 15, 2016
Modified: May 6, 2026
NVD-CWE-noinfo
CVSS Metrics
CVSSv3
Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products (5)
| Vendor | Product | Version |
|---|---|---|
| hp | network_automation | 9.22 |
| hp | network_automation | 9.22.01 |
| hp | network_automation | 9.22.02 |
| hp | network_automation | 10.00 |
| hp | network_automation | 10.00.01 |
GitHub Security Advisory GHSA-vp7m-qmc8-m9gv
HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to...
References (4)
- http://www.securitytracker.com/id/1035192
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05030906 Patch, Vendor Advisory
- http://www.securitytracker.com/id/1035192
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05030906 Patch, Vendor Advisory
Risk Scores
CVSS Score
9.8 / 10
EPSS Score
13.50%
Top 6% most likely to be exploited
Threat Score
43.3 / 100
Data Sources
NVD
EPSS
GitHub