High severity8.0NVD Advisory· Published Jun 19, 2016· Updated May 6, 2026
CVE-2016-4371
CVE-2016-4371
Description
HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components.
Affected products
48cpe:2.3:a:hp:service_manager:9.30:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:hp:service_manager:9.30:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:9.31:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:9.32:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:9.33:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:9.40:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:9.41:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:9.34:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:9.35:*:*:*:*:*:*:*
cpe:2.3:a:hp:service_manager_server:9.40:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:hp:service_manager_server:9.40:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_server:9.41:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_server:9.30:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_server:9.31:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_server:9.32:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_server:9.33:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_server:9.34:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_server:9.35:*:*:*:*:*:*:*
cpe:2.3:a:hp:service_manager_service_request_catalog:9.30:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:hp:service_manager_service_request_catalog:9.30:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_service_request_catalog:9.31:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_service_request_catalog:9.32:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_service_request_catalog:9.33:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_service_request_catalog:9.34:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_service_request_catalog:9.35:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_service_request_catalog:9.40:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_service_request_catalog:9.41:*:*:*:*:*:*:*
cpe:2.3:a:hp:service_manager_web_client:9.30:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:hp:service_manager_web_client:9.30:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_web_client:9.31:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_web_client:9.32:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_web_client:9.33:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_web_client:9.34:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_web_client:9.35:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_web_client:9.40:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_web_client:9.41:*:*:*:*:*:*:*
cpe:2.3:a:hp:service_manager_windows_client:9.30:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:hp:service_manager_windows_client:9.30:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_windows_client:9.31:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_windows_client:9.32:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_windows_client:9.33:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_windows_client:9.34:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_windows_client:9.35:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_windows_client:9.40:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_windows_client:9.41:*:*:*:*:*:*:*
cpe:2.3:a:hp:service_manager_mobility:9.30:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:hp:service_manager_mobility:9.30:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_mobility:9.31:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_mobility:9.32:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_mobility:9.33:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_mobility:9.34:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_mobility:9.35:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_mobility:9.40:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager_mobility:9.41:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvdVendor Advisory
News mentions
0No linked articles in our index yet.