CVE-2013-4836

HP ALM Synchronizer < 1.41 - Remote Code Execution via GossipService SOAP Request

Title source: manual
STIX 2.1

Description

Unspecified vulnerability in the GossipService SOAP Request implementation in the Synchronizer component before 1.4.2 in HP Application LifeCycle Management (ALM) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1759.

References (1)

Core 1
Core References

Scores

EPSS 0.0554
EPSS Percentile 91.9%

Details

Status published
Products (5)
hp/alm_synchronizer 1.10
hp/alm_synchronizer 1.20
hp/alm_synchronizer 1.30
hp/alm_synchronizer 1.40
hp/alm_synchronizer < 1.41
Published Nov 04, 2013
Tracked Since Feb 18, 2026