Potential security vulnerabilities have been identified with HP Service Manager. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, unauthorized access, disclosure of Information, and authentication issues.
Effected Software Versions
HP Service Manager- v9.30
- v9.31
- v9.32
- v9.33
Solution
HP has made the following software updates available to resolve the vulnerabilities.- AIX Server 9.33.0035
- HP Itanium Server 9.33.0035
- Linux Server 9.33.0035
- Solaris Server 9.33.0035
- Windows Server 9.33.0035
- Web Tier 9.33.0035
- Windows Client 9.33.0035
- Windows Client Configuration 9.33.0035
- Mobility 9.33.0006
- Applications 9.33.0035
Technical Details
- CVE-2013-1493 - Oracle Java JRE 1.7 Remote Execution of Arbitrary Code and Denial of Service (DoS)
- CVE-2013-2067 - Apache Tomcat Authentication Issues
- CVE-2013-6202 - Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Remote Execution of Arbitrary Code, Unauthorized Access, Disclosure of Information
Post a Comment Blogger Facebook