CVE-2013-6202

HP Service Manager 9.30-9.33 - Cross-Site Request Forgery

Title source: llm

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) insert XSS sequences or (2) execute arbitrary code.

References (2)

Core 2

Core References

Vendor Advisory vendor-advisory x_refsource_hp

http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04117626

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1029803

Scores

EPSS 0.0044

EPSS Percentile 63.1%

Details

CWE

CWE-352

Status published

Products (4)

hp/service_manager 9.30

hp/service_manager 9.31

hp/service_manager 9.32

hp/service_manager 9.33

Published Feb 24, 2014

Tracked Since Feb 18, 2026