Vulnerability Details CVE-2013-6202
Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) insert XSS sequences or (2) execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.8%
CVSS Severity
CVSS v2 Score 6.8
References
- http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04117626
- http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04117626
- http://www.securitytracker.com/id/1029803
- http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04117626
- http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04117626
- http://www.securitytracker.com/id/1029803
Products affected by CVE-2013-6202
-
cpe:2.3:a:hp:service_manager:9.30
-
cpe:2.3:a:hp:service_manager:9.31
-
cpe:2.3:a:hp:service_manager:9.32
-
cpe:2.3:a:hp:service_manager:9.33