HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components.
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Service_manager | Hp | 9.30 (including) | 9.30 (including) |
Service_manager | Hp | 9.31 (including) | 9.31 (including) |
Service_manager | Hp | 9.32 (including) | 9.32 (including) |
Service_manager | Hp | 9.33 (including) | 9.33 (including) |
Service_manager | Hp | 9.34 (including) | 9.34 (including) |
Service_manager | Hp | 9.35 (including) | 9.35 (including) |
Service_manager | Hp | 9.40 (including) | 9.40 (including) |
Service_manager | Hp | 9.41 (including) | 9.41 (including) |
Service_manager_mobility | Hp | 9.30 (including) | 9.30 (including) |
Service_manager_mobility | Hp | 9.31 (including) | 9.31 (including) |
Service_manager_mobility | Hp | 9.32 (including) | 9.32 (including) |
Service_manager_mobility | Hp | 9.33 (including) | 9.33 (including) |
Service_manager_mobility | Hp | 9.34 (including) | 9.34 (including) |
Service_manager_mobility | Hp | 9.35 (including) | 9.35 (including) |
Service_manager_mobility | Hp | 9.40 (including) | 9.40 (including) |
Service_manager_mobility | Hp | 9.41 (including) | 9.41 (including) |
Service_manager_server | Hp | 9.30 (including) | 9.30 (including) |
Service_manager_server | Hp | 9.31 (including) | 9.31 (including) |
Service_manager_server | Hp | 9.32 (including) | 9.32 (including) |
Service_manager_server | Hp | 9.33 (including) | 9.33 (including) |
Service_manager_server | Hp | 9.34 (including) | 9.34 (including) |
Service_manager_server | Hp | 9.35 (including) | 9.35 (including) |
Service_manager_server | Hp | 9.40 (including) | 9.40 (including) |
Service_manager_server | Hp | 9.41 (including) | 9.41 (including) |
Service_manager_service_request_catalog | Hp | 9.30 (including) | 9.30 (including) |
Service_manager_service_request_catalog | Hp | 9.31 (including) | 9.31 (including) |
Service_manager_service_request_catalog | Hp | 9.32 (including) | 9.32 (including) |
Service_manager_service_request_catalog | Hp | 9.33 (including) | 9.33 (including) |
Service_manager_service_request_catalog | Hp | 9.34 (including) | 9.34 (including) |
Service_manager_service_request_catalog | Hp | 9.35 (including) | 9.35 (including) |
Service_manager_service_request_catalog | Hp | 9.40 (including) | 9.40 (including) |
Service_manager_service_request_catalog | Hp | 9.41 (including) | 9.41 (including) |
Service_manager_web_client | Hp | 9.30 (including) | 9.30 (including) |
Service_manager_web_client | Hp | 9.31 (including) | 9.31 (including) |
Service_manager_web_client | Hp | 9.32 (including) | 9.32 (including) |
Service_manager_web_client | Hp | 9.33 (including) | 9.33 (including) |
Service_manager_web_client | Hp | 9.34 (including) | 9.34 (including) |
Service_manager_web_client | Hp | 9.35 (including) | 9.35 (including) |
Service_manager_web_client | Hp | 9.40 (including) | 9.40 (including) |
Service_manager_web_client | Hp | 9.41 (including) | 9.41 (including) |
Service_manager_windows_client | Hp | 9.30 (including) | 9.30 (including) |
Service_manager_windows_client | Hp | 9.31 (including) | 9.31 (including) |
Service_manager_windows_client | Hp | 9.32 (including) | 9.32 (including) |
Service_manager_windows_client | Hp | 9.33 (including) | 9.33 (including) |
Service_manager_windows_client | Hp | 9.34 (including) | 9.34 (including) |
Service_manager_windows_client | Hp | 9.35 (including) | 9.35 (including) |
Service_manager_windows_client | Hp | 9.40 (including) | 9.40 (including) |
Service_manager_windows_client | Hp | 9.41 (including) | 9.41 (including) |