Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в HP Service Manager
дополнено с 5 ноября 2013 г.
Опубликовано:1 декабря 2013 г.
Источник:
SecurityVulns ID:13385
Тип:удаленная
Уровень опасности:
6/10
Описание:Выполнение кода, повышение привилегий, утечка информации, XSS.
Затронутые продукты:HP : HP Service Manager 9.32
CVE:CVE-2013-4844 (Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, 9.31, and 9.32, and ServiceCenter 6.2.8, allows remote attackers to execute arbitrary code via unknown vectors.)
 CVE-2013-4844 (Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, 9.31, and 9.32, and ServiceCenter 6.2.8, allows remote attackers to execute arbitrary code via unknown vectors.)
 CVE-2013-4833 (Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 through 9.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2013-4832 (HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors.)
 CVE-2013-4831 (HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.)
 CVE-2013-4830 (HP Service Manager 9.30 through 9.32 allows remote attackers to execute arbitrary code via an unspecified "injection" approach.)
Оригинальный текстdocumentHP, [security bulletin] HPSBGN02942 rev.1 - HP Service Manager and ServiceCenter, Remote Code Execution (01.12.2013)
 documentHP, [security bulletin] HPSBMU02931 rev.2 - HP Service Manager, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) (05.11.2013)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород