Vulnerability Details : CVE-2014-2632
Unspecified vulnerability in the WebTier component in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to execute arbitrary code via unknown vectors.
Vulnerability category: Execute code
Products affected by CVE-2014-2632
- cpe:2.3:a:hp:service_manager:9.21:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:9.30:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:9.31:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:9.32:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:9.33:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:7.21:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-2632
38.36%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-2632
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2014-2632
-
http://www.securitytracker.com/id/1030756
HP Service Manager Bugs Let Remote Users Gain Elevated Privileges, Modify Data, and Deny Service and Conduct Cross-Site Scripting and Cross-Site Requset Forgery Attacks - SecurityTracker
-
http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04388127
Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/95448
HP Service Manager SM WebTier privilege escalation CVE-2014-2632 Vulnerability Report
-
http://www.securityfocus.com/bid/69377
HP Service Manager CVE-2014-2632 Unspecified Remote Privilege Escalation Vulnerability
-
http://secunia.com/advisories/60028
Sign in
-
http://secunia.com/advisories/60714
Sign in
Jump to