CVE-2013-4836
HP ALM Synchronizer < 1.41 - Remote Code Execution via GossipService SOAP Request
Title source: manualDescription
Unspecified vulnerability in the GossipService SOAP Request implementation in the Synchronizer component before 1.4.2 in HP Application LifeCycle Management (ALM) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1759.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_hp
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03969436
Scores
EPSS
0.0552
EPSS Percentile
90.3%
Details
Status
published
Products (5)
hp/alm_synchronizer
1.10
hp/alm_synchronizer
1.20
hp/alm_synchronizer
1.30
hp/alm_synchronizer
1.40
hp/alm_synchronizer
< 1.41
Published
Nov 04, 2013
Tracked Since
Feb 18, 2026