CVE-2013-6202

medium HPE
CVSS v3 Base Score
6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS Score
0.4%
Exploitation probability in 30 days
Top 37% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
P
Integrity
P
Availability
P
Published: February 24, 2014 (4463 days ago)
Last Modified: April 29, 2026
Vendor: HPE
Source: NVD

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) insert XSS sequences or (2) execute arbitrary code.

CWE

CWE-352

Affected Products

hp service manager

References

🔗 h20565.www2.hp.com 🔗 www.securitytracker.com 🔗 h20565.www2.hp.com 🔗 www.securitytracker.com