CVE-2013-6197

Unspecified vulnerability in HP Service Manager WebTier and Windows Client 9.20 and 9.21 before 9.21.661 p8 allows remote authenticated users to execute arbitrary code via unknown vectors.

CVSS v2.0 5.2 MEDIUM

5.2^/10

CVSS v2.0 : MEDIUM

Vector : AV:A/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 5.1 / Impact : 6.4

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04052075	Vendor Advisory
http://www.securitytracker.com/id/1029541
https://exchange.xforce.ibmcloud.com/vulnerabilities/89974

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:hp:service_manager:9.20:::::::*
	cpe:2.3:a:hp:service_manager:9.21:::::::*
	cpe:2.3:a:hp:service_manager_web_tier:9.21:::::::*
	cpe:2.3:a:hp:service_manager_web_client:9.20:::::::*
	cpe:2.3:a:hp:service_manager_web_client:9.21:::::::*
	cpe:2.3:a:hp:service_manager_web_tier:9.20:::::::*

Information

Published : 2013-12-28 20:25

Updated : 2017-08-28 18:33

NVD link : CVE-2013-6197

Mitre link : CVE-2013-6197

JSON object : View

CWE

NVD-CWE-noinfo

Advertisement

Products Affected

hp

service_manager
service_manager_web_client
service_manager_web_tier

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04052075", "name": "SSRT101405", "tags": ["Vendor Advisory"], "refsource": "HP"}, {"url": "http://www.securitytracker.com/id/1029541", "name": "1029541", "tags": [], "refsource": "SECTRACK"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89974", "name": "hp-service-manager-cve20136197-code-exec(89974)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in HP Service Manager WebTier and Windows Client 9.20 and 9.21 before 9.21.661 p8 allows remote authenticated users to execute arbitrary code via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2013-6197", "ASSIGNER": "hp-security-alert@hp.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.2, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 5.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2013-12-29T04:25Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:hp:service_manager:9.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:service_manager:9.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:service_manager_web_tier:9.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:service_manager_web_client:9.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:service_manager_web_client:9.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:service_manager_web_tier:9.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-29T01:33Z"}