VYPR
Critical severity9.8NVD Advisory· Published Mar 22, 2016· Updated Jun 17, 2026

CVE-2016-1997

CVE-2016-1997

Description

HPE Operations Orchestration 10.x before 10.51 and Operations Orchestration content before 1.7.0 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

Affected products

12
  • cpe:2.3:a:hp:operations_orchestration:10.0:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:hp:operations_orchestration:10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:operations_orchestration:10.01:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:operations_orchestration:10.02:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:operations_orchestration:10.10:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:operations_orchestration:10.20:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:operations_orchestration:10.21:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:operations_orchestration:10.22:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:operations_orchestration:10.22.1:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:operations_orchestration:10.50:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:operations_orchestration_content:*:*:*:*:*:*:*:*
    Range: <=1.5.3
  • <10.51+ 1 more
    • (no CPE)range: <10.51
    • (no CPE)range: <1.7.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.