CVE-2016-4371

HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components.

Published: Jun 19, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-4371
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8
AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6
AV:N/AC:M/Au:S/C:P/I:P/A:P

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
hp / service_manager_windows_client	9.31	9.31.x
hp / service_manager_server	9.30	9.30.x
hp / service_manager_server	9.40	9.40.x
hp / service_manager_service_request_catalog	9.41	9.41.x
hp / service_manager_web_client	9.31	9.31.x
hp / service_manager_server	9.35	9.35.x
hp / service_manager	9.41	9.41.x
hp / service_manager_windows_client	9.33	9.33.x
hp / service_manager_service_request_catalog	9.30	9.30.x
hp / service_manager_mobility	9.35	9.35.x
hp / service_manager	9.33	9.33.x
hp / service_manager_windows_client	9.41	9.41.x
hp / service_manager_server	9.34	9.34.x
hp / service_manager_server	9.31	9.31.x
hp / service_manager_mobility	9.33	9.33.x
hp / service_manager_mobility	9.30	9.30.x
hp / service_manager_mobility	9.32	9.32.x
hp / service_manager_server	9.32	9.32.x
hp / service_manager_service_request_catalog	9.35	9.35.x
hp / service_manager_web_client	9.34	9.34.x
hp / service_manager_service_request_catalog	9.33	9.33.x
hp / service_manager	9.35	9.35.x
hp / service_manager_web_client	9.41	9.41.x
hp / service_manager	9.32	9.32.x
hp / service_manager	9.30	9.30.x
hp / service_manager_windows_client	9.32	9.32.x
hp / service_manager_web_client	9.40	9.40.x
hp / service_manager_web_client	9.35	9.35.x
hp / service_manager_windows_client	9.30	9.30.x
hp / service_manager_service_request_catalog	9.32	9.32.x
hp / service_manager_mobility	9.41	9.41.x
hp / service_manager_web_client	9.33	9.33.x
hp / service_manager_service_request_catalog	9.34	9.34.x
hp / service_manager	9.40	9.40.x
hp / service_manager	9.34	9.34.x
hp / service_manager_web_client	9.32	9.32.x
hp / service_manager_windows_client	9.34	9.34.x
hp / service_manager_mobility	9.34	9.34.x
hp / service_manager_server	9.41	9.41.x
hp / service_manager_mobility	9.40	9.40.x
hp / service_manager_web_client	9.30	9.30.x
hp / service_manager_mobility	9.31	9.31.x
hp / service_manager_server	9.33	9.33.x
hp / service_manager_service_request_catalog	9.31	9.31.x
hp / service_manager_service_request_catalog	9.40	9.40.x
hp / service_manager	9.31	9.31.x
hp / service_manager_windows_client	9.35	9.35.x
hp / service_manager_windows_client	9.40	9.40.x

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176

Vulnerability Database

289,697

CVE-2016-4371