CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2014-2633
https://notcve.org/view.php?id=CVE-2014-2633
Cross-site request forgery (CSRF) vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad de CSRF en el servidor en HP Service Manager (SM) 7.21 y 9.x anterior a 9.34 permite a atacantes remotos secuestrar la autenticación de victimas no especificadas a través de vectores desconocidos. • http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04388127 http://secunia.com/advisories/60028 http://secunia.com/advisories/60714 http://www.securityfocus.com/bid/69376 http://www.securitytracker.com/id/1030756 https://exchange.xforce.ibmcloud.com/vulnerabilities/95449 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 10%CPEs: 6EXPL: 0CVE-2014-2632
https://notcve.org/view.php?id=CVE-2014-2632
Unspecified vulnerability in the WebTier component in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en el componente WebTier en HP Service Manager (SM) 7.21 y 9.x anterior a 9.34 permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. • http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04388127 http://secunia.com/advisories/60028 http://secunia.com/advisories/60714 http://www.securityfocus.com/bid/69377 http://www.securitytracker.com/id/1030756 https://exchange.xforce.ibmcloud.com/vulnerabilities/95448 •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2013-6222
https://notcve.org/view.php?id=CVE-2013-6222
Cross-site scripting (XSS) vulnerability in the Mobility Web Client and Service Request Catalog (SRC) components in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en los componentes Mobility Web Client y Service Request Catalog (SRC) en HP Service Manager (SM) 7.21 y 9.x anterior a 9.34 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04388127 http://secunia.com/advisories/60028 http://secunia.com/advisories/60714 http://www.securityfocus.com/bid/69380 http://www.securitytracker.com/id/1030756 https://exchange.xforce.ibmcloud.com/vulnerabilities/95447 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.4EPSS: 1%CPEs: 6EXPL: 0CVE-2014-2634
https://notcve.org/view.php?id=CVE-2014-2634
Unspecified vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to bypass intended access restrictions, and modify data or cause a denial of service, via unknown vectors. Vulnerabilidad no especificada en el servidor en HP Service Manager (SM) 7.21 y 9.x anterior a 9.34 permite a atacantes remotos evadir las restricciones de acceso, y modificar datos o causar una denegación de servicio, a través de vectores desconocidos. • http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04388127 http://secunia.com/advisories/60028 http://secunia.com/advisories/60714 http://www.securityfocus.com/bid/69379 http://www.securitytracker.com/id/1030756 https://exchange.xforce.ibmcloud.com/vulnerabilities/95450 •
CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 0CVE-2013-4844
https://notcve.org/view.php?id=CVE-2013-4844
Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, 9.31, and 9.32, and ServiceCenter 6.2.8, allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en HP Service Manager 7.11, 9.21, 9.30, 9.31, y 9.32, y ServiceCenter 6.2.8, permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04026812 •