CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2013-4831
https://notcve.org/view.php?id=CVE-2013-4831
HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. HP Service Manager 9.30 hasta 9.32 no administra apropiadamente los privilegios, lo que permite a usuarios remotos autenticados obtener información sensible o modificar datos a través de vectores no especificados. • http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03960916 •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2013-4833
https://notcve.org/view.php?id=CVE-2013-4833
Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 through 9.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en HP Service Manager 9.30 hasta la versión 9.32 permite a atacantes remotos inyectar script web o HTML arbitrario a través de vectores sin especificar. • http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03960916 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2013-4832
https://notcve.org/view.php?id=CVE-2013-4832
HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors. HP Service Manager 9.30 hasta 9.32 permite a usuarios remotos autenticados obtener información sensible a través de vectores no especificados. • http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03960916 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2013-4830
https://notcve.org/view.php?id=CVE-2013-4830
HP Service Manager 9.30 through 9.32 allows remote attackers to execute arbitrary code via an unspecified "injection" approach. HP Service Manager 9.30 hasta la versión 9.32 permite a atacantes remotos ejecutar código arbitrario a través de una inyección sin especificar. • http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03960916 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 0CVE-2013-4808
https://notcve.org/view.php?id=CVE-2013-4808
Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31 and Service Center 6.2.8 allows remote attackers to obtain privileged access via unknown vectors. Vulnerabilidad sin especificar en HP Service Manager v7.11, v9.21, v9.30, y v9.31 y Service Center v6.2.8 permite a atacantes remotos obtener acceso privilegiado a través de vectores desconocidos. • http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03888320 http://secunia.com/advisories/54546 http://www.securitytracker.com/id/1028912 https://exchange.xforce.ibmcloud.com/vulnerabilities/86444 •