VYPR

Service Manager

by Microfocus

CVEs (44)

  • CVE-2019-11668Sep 10, 2019
    risk 0.00cvss epss 0.01

    HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service…

  • CVE-2019-11646Jun 3, 2019
    risk 0.00cvss epss 0.03

    Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. This vulnerability could allow Remote unauthorized command execution and…

  • CVE-2018-18591Nov 13, 2018
    risk 0.00cvss epss 0.01

    A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data.

  • CVE-2014-2633Aug 23, 2014
    risk 0.00cvss epss 0.02

    Cross-site request forgery (CSRF) vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2013-6222Aug 23, 2014
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in the Mobility Web Client and Service Request Catalog (SRC) components in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2013-6202Feb 24, 2014
    risk 0.00cvss epss 0.02

    Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) insert XSS sequences or (2) execute arbitrary code.

  • CVE-2013-6198Dec 29, 2013
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in HP Service Manager WebTier and Windows Client 9.20 and 9.21 before 9.21.661 p8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2013-6197Dec 29, 2013
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in HP Service Manager WebTier and Windows Client 9.20 and 9.21 before 9.21.661 p8 allows remote authenticated users to execute arbitrary code via unknown vectors.

  • CVE-2013-4844Nov 29, 2013
    risk 0.00cvss epss 0.06

    Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, 9.31, and 9.32, and ServiceCenter 6.2.8, allows remote attackers to execute arbitrary code via unknown vectors.

  • CVE-2013-4833Oct 16, 2013
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 through 9.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2013-4832Oct 16, 2013
    risk 0.00cvss epss 0.01

    HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors.

  • CVE-2013-4831Oct 16, 2013
    risk 0.00cvss epss 0.01

    HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.

  • CVE-2013-4830Oct 16, 2013
    risk 0.00cvss epss 0.06

    HP Service Manager 9.30 through 9.32 allows remote attackers to execute arbitrary code via an unspecified "injection" approach.

  • CVE-2013-4808Aug 18, 2013
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31 and Service Center 6.2.8 allows remote attackers to obtain privileged access via unknown vectors.

  • CVE-2013-2337Jun 14, 2013
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2013-2336Jun 14, 2013
    risk 0.00cvss epss 0.02

    HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to obtain sensitive information via unspecified vectors.

  • CVE-2011-1863Jun 14, 2011
    risk 0.00cvss epss 0.01

    HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allow remote authenticated users to conduct unspecified script injection attacks via unknown vectors.

  • CVE-2011-1862Jun 14, 2011
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2011-1861Jun 14, 2011
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to modify data or obtain sensitive information via unknown vectors.

  • CVE-2011-1860Jun 14, 2011
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to capture HTTP session credentials via unknown vectors.