{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-08-15T00:00:00", "descriptions": [{"lang": "en", "value": "HPE Smart Update in Storage Sizing Tool before 13.0, Converged Infrastructure Solution Sizer Suite (CISSS) before 2.13.1, Power Advisor before 7.8.2, Insight Management Sizer before 16.12.1, Synergy Planning Tool before 3.3, SAP Sizing Tool before 16.12.1, Sizing Tool for SAP Business Suite powered by HANA before 16.11.1, Sizer for ConvergedSystems Virtualization before 16.7.1, Sizer for Microsoft Exchange Server before 16.12.1, Sizer for Microsoft Lync Server 2013 before 16.12.1, Sizer for Microsoft SharePoint 2013 before 16.13.1, Sizer for Microsoft SharePoint 2010 before 16.11.1, and Sizer for Microsoft Skype for Business Server 2015 before 16.5.1 allows remote attackers to execute arbitrary code via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-25T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "92479", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/92479"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05237578"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-4377", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "HPE Smart Update in Storage Sizing Tool before 13.0, Converged Infrastructure Solution Sizer Suite (CISSS) before 2.13.1, Power Advisor before 7.8.2, Insight Management Sizer before 16.12.1, Synergy Planning Tool before 3.3, SAP Sizing Tool before 16.12.1, Sizing Tool for SAP Business Suite powered by HANA before 16.11.1, Sizer for ConvergedSystems Virtualization before 16.7.1, Sizer for Microsoft Exchange Server before 16.12.1, Sizer for Microsoft Lync Server 2013 before 16.12.1, Sizer for Microsoft SharePoint 2013 before 16.13.1, Sizer for Microsoft SharePoint 2010 before 16.11.1, and Sizer for Microsoft Skype for Business Server 2015 before 16.5.1 allows remote attackers to execute arbitrary code via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "92479", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92479"}, {"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05237578", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05237578"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-4377", "datePublished": "2016-08-22T10:00:00", "dateReserved": "2016-04-29T00:00:00", "dateUpdated": "2016-11-25T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hp:converged_infrastructure_solution_sizer_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "E4AF232F-E2B8-418A-A13D-1BABC2535407", "versionEndIncluding": "2.13.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:insight_management_sizer:*:*:*:*:*:*:*:*", "matchCriteriaId": "059D69D1-C28F-4ACF-B8DB-50786AFC04E6", "versionEndIncluding": "16.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:power_advisor:*:*:*:*:*:*:*:*", "matchCriteriaId": "B3916EA9-284D-438C-9118-D94CBFBE3FE6", "versionEndIncluding": "7.8.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:sap_sizing_tool:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB7EB994-1ED4-43E4-88D2-A75BA1DB3FCF", "versionEndIncluding": "16.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:sizer_for_converged_systems_virtualization:*:*:*:*:*:*:*:*", "matchCriteriaId": "C235B5B3-0B14-4C78-B55E-F957EACAF81B", "versionEndIncluding": "16.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:sizer_for_microsoft_exchange_server_2010:*:*:*:*:*:*:*:*", "matchCriteriaId": "892948C9-0CCD-47C9-B218-0AD6A43999A6", "versionEndIncluding": "16.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:sizer_for_microsoft_exchange_server_2013:*:*:*:*:*:*:*:*", "matchCriteriaId": "1189A8A5-D12A-4AEC-A25B-E5EE6B77B509", "versionEndIncluding": "16.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:sizer_for_microsoft_exchange_server_2016:*:*:*:*:*:*:*:*", "matchCriteriaId": "DCBD80C2-70D4-4BC6-81D6-A826493F63F1", "versionEndIncluding": "16.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:sizer_for_microsoft_lync_server_2013:*:*:*:*:*:*:*:*", "matchCriteriaId": "63C903E9-45DD-44D0-954C-6DD8787D615E", "versionEndIncluding": "16.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:sizer_for_microsoft_sharepoint_2010:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6FAA161-BA9E-4311-9583-0524D6DDF649", "versionEndIncluding": "16.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:sizer_for_microsoft_sharepoint_2013:*:*:*:*:*:*:*:*", "matchCriteriaId": "86694748-5642-4BC6-87CB-611FB6D4ED25", "versionEndIncluding": "16.13.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:sizer_for_microsoft_skype_for_business_server_2015:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B4D35C3-226F-4160-8D18-C4B33273792B", "versionEndIncluding": "16.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:sizing_tool_for_sap_business_suite_powered_by_hana:*:*:*:*:*:*:*:*", "matchCriteriaId": "79B1AEEB-BA57-4846-8F6D-4DC90BDB1341", "versionEndIncluding": "16.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:storage_sizing_tool:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE35E7B3-C16E-4D85-8483-4D10855BB69C", "versionEndIncluding": "13.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:synergy_planning_tool:*:*:*:*:*:*:*:*", "matchCriteriaId": "044A2543-C1B0-4AD6-9634-597CA02F24CC", "versionEndIncluding": "3.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "HPE Smart Update in Storage Sizing Tool before 13.0, Converged Infrastructure Solution Sizer Suite (CISSS) before 2.13.1, Power Advisor before 7.8.2, Insight Management Sizer before 16.12.1, Synergy Planning Tool before 3.3, SAP Sizing Tool before 16.12.1, Sizing Tool for SAP Business Suite powered by HANA before 16.11.1, Sizer for ConvergedSystems Virtualization before 16.7.1, Sizer for Microsoft Exchange Server before 16.12.1, Sizer for Microsoft Lync Server 2013 before 16.12.1, Sizer for Microsoft SharePoint 2013 before 16.13.1, Sizer for Microsoft SharePoint 2010 before 16.11.1, and Sizer for Microsoft Skype for Business Server 2015 before 16.5.1 allows remote attackers to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "HPE Smart Update en Storage Sizing Tool en versiones anteriores a 13.0, Converged Infrastructure Solution Sizer Suite (CISSS) en versiones anteriores a 2.13.1, Power Advisor en versiones anteriores a 7.8.2, Insight Management Sizer en versiones anteriores a 16.12.1, Synergy Planning Tool en versiones anteriores a 3.3, SAP Sizing Tool en versiones anteriores a 16.12.1, Sizing Tool para SAP Business Suite impulsado por HANA en versiones anteriores a 16.11.1, Sizer para ConvergedSystems Virtualization en versiones anteriores a 16.7.1, Sizer para Microsoft Exchange Server en versiones anteriores a 16.12.1, Sizer para Microsoft Lync Server 2013 en versiones anteriores a 16.12.1, Sizer para Microsoft SharePoint 2013 en versiones anteriores a 16.13.1, Sizer para Microsoft SharePoint 2010 en versiones anteriores a 16.11.1 y Sizer para Microsoft Skype para Business Server 2015 en versiones anteriores a 16.5.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."}], "id": "CVE-2016-4377", "lastModified": "2016-11-28T20:17:40.303", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-08-22T10:59:06.713", "references": [{"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/92479"}, {"source": "cve@mitre.org", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05237578"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}