What is CVE-2016-2016?

CVE-2016-2016 is a medium-severity vulnerability in Hp Base-vxfs-50, classified under Improper Access Control. CVSS score: 5.5/10. Published 2016-05-14.

How severe is CVE-2016-2016?

Medium severity. CVSS v3 base score is 5.5 out of 10.

Vulnerability in Hp Base-vxfs-50

CVE-2016-2016

Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1 mishandles ACL inheritance for default:cla…

EPSS: 0.001 (17.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Hp Base-vxfs-50 — versions b.05.00.01, b.05.00.02
Hp Base-vxfs-501 — versions b.05.01.0, b.05.01.01, b.05.01.03
Hp Base-vxfs-51 — versions b.05.10.00, b.05.10.02
Hp Hp-ux — versions 11.11i
N/a — versions n/a

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
1035816 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2016-2016?: CVE-2016-2016 is a medium-severity vulnerability in Hp Base-vxfs-50, classified under Improper Access Control. CVSS score: 5.5/10. Published 2016-05-14.
How severe is CVE-2016-2016?: Medium severity. CVSS v3 base score is 5.5 out of 10.