CVE-2013-6202

Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) insert XSS sequences or (2) execute arbitrary code.

Published: Feb 24, 2014
Updated: Apr 13, 2023
CVE: CVE-2013-6202
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
hp / service_manager	9.33	9.33.x
hp / service_manager	9.32	9.32.x
hp / service_manager	9.30	9.30.x
hp / service_manager	9.31	9.31.x

http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04117626
http://www.securitytracker.com/id/1029803

Vulnerability Database

289,697

CVE-2013-6202