CVE-2016-4371 - Vulnerability Details

Vendors	Products
Hp	Service Manager Service Manager Mobility Service Manager Server Service Manager Service Request Catalog Service Manager Web Client Service Manager Windows Client

Link	Providers
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-06-08T00:00:00", "descriptions": [{"lang": "en", "value": "HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-06-19T01:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-4371", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T00:25:14.493Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-4371", "datePublished": "2016-06-19T01:00:00", "dateReserved": "2016-04-29T00:00:00", "dateUpdated": "2024-08-06T00:25:14.493Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2016-06-08T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2016-06-19T01:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2016-4371 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176 (string)

refsource : CONFIRM (string)

url : https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T00:25:14.493Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2016-4371 (string)

datePublished : 2016-06-19T01:00:00 (string)

dateReserved : 2016-04-29T00:00:00 (string)

dateUpdated : 2024-08-06T00:25:14.493Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hp:service_manager:9.30:*:*:*:*:*:*:*", "matchCriteriaId": "F32B79D7-0C89-475B-B714-3CB1D7064491", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager:9.31:*:*:*:*:*:*:*", "matchCriteriaId": "F3065EC7-1FE4-4715-BF04-09D7CB7F9C8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager:9.32:*:*:*:*:*:*:*", "matchCriteriaId": "05C97132-741B-4EA8-9023-CAD01A7651EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager:9.33:*:*:*:*:*:*:*", "matchCriteriaId": "DDE568ED-E354-4943-987E-35A796DCE0D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager:9.34:*:*:*:*:*:*:*", "matchCriteriaId": "6AFCACDA-F200-4CA8-934A-DA8C89B7B4DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager:9.35:*:*:*:*:*:*:*", "matchCriteriaId": "FB8AEB78-8437-4A12-BE8E-4876BB84D13C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager:9.40:*:*:*:*:*:*:*", "matchCriteriaId": "32058060-DE9B-41DB-8DEF-871ED464FECB", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager:9.41:*:*:*:*:*:*:*", "matchCriteriaId": "8D9E9027-0259-4DFD-8621-2AE778EE1ABD", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_mobility:9.30:*:*:*:*:*:*:*", "matchCriteriaId": "8405E87D-FF4D-4505-B8EF-D8D473D73378", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_mobility:9.31:*:*:*:*:*:*:*", "matchCriteriaId": "39ACD174-D7E4-486E-A79E-5839B3955C85", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_mobility:9.32:*:*:*:*:*:*:*", "matchCriteriaId": "65EEA823-86F4-46E4-87FA-6457F34F52DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_mobility:9.33:*:*:*:*:*:*:*", "matchCriteriaId": "5DD6DF0E-3F6C-47F8-A7DF-6501E3366BB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_mobility:9.34:*:*:*:*:*:*:*", "matchCriteriaId": "95D94475-E9D1-4EFF-A898-B593EB02B97F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_mobility:9.35:*:*:*:*:*:*:*", "matchCriteriaId": "32F4F277-E82A-454A-B19F-E11DFD821ED0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_mobility:9.40:*:*:*:*:*:*:*", "matchCriteriaId": "28762966-4C03-4321-8E04-EFED4B98A784", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_mobility:9.41:*:*:*:*:*:*:*", "matchCriteriaId": "8436E2A3-DA68-497C-AEAB-A4270292393D", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_server:9.30:*:*:*:*:*:*:*", "matchCriteriaId": "F8FB44F2-9988-4C30-96E9-CBFED370A652", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_server:9.31:*:*:*:*:*:*:*", "matchCriteriaId": "15D64036-E6B6-4738-8DC9-22E6744C8F53", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_server:9.32:*:*:*:*:*:*:*", "matchCriteriaId": "5169182D-9CB1-4C85-969D-BBBCE00ADADB", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_server:9.33:*:*:*:*:*:*:*", "matchCriteriaId": "08D3E61E-2365-4785-ADB3-CD6A9BCF4781", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_server:9.34:*:*:*:*:*:*:*", "matchCriteriaId": "BDF7A325-BC30-4025-AACC-09E641F50E42", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_server:9.35:*:*:*:*:*:*:*", "matchCriteriaId": "3850DBFD-EBA9-4FB2-BD27-C99198ECE2C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_server:9.40:*:*:*:*:*:*:*", "matchCriteriaId": "432262E6-9DAB-491D-918A-FED8365038B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_server:9.41:*:*:*:*:*:*:*", "matchCriteriaId": "D34D0F6B-2D88-4BB3-86BC-93B2B61281EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_service_request_catalog:9.30:*:*:*:*:*:*:*", "matchCriteriaId": "DBCE8B29-67BF-4ABB-BDE6-CF3C2775FEA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_service_request_catalog:9.31:*:*:*:*:*:*:*", "matchCriteriaId": "3AE00049-6F59-4CDC-883F-29187DDA4E56", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_service_request_catalog:9.32:*:*:*:*:*:*:*", "matchCriteriaId": "2FAC1883-3ED7-4934-9580-EEEBE38E107A", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_service_request_catalog:9.33:*:*:*:*:*:*:*", "matchCriteriaId": "59D81CD3-C3FA-4A27-AAD3-4F5DE94B54F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_service_request_catalog:9.34:*:*:*:*:*:*:*", "matchCriteriaId": "C136B2E0-2576-4026-90E0-BEDFA3AA45D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_service_request_catalog:9.35:*:*:*:*:*:*:*", "matchCriteriaId": "6C4AF70D-FA19-4F83-9BDF-0A0D626C2F60", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_service_request_catalog:9.40:*:*:*:*:*:*:*", "matchCriteriaId": "A9223D22-CFBC-4226-8ADA-1F59FAF67430", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_service_request_catalog:9.41:*:*:*:*:*:*:*", "matchCriteriaId": "77C58A27-F3DB-4265-BDE2-BD7D811CFEDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_web_client:9.30:*:*:*:*:*:*:*", "matchCriteriaId": "31ED5515-0204-40AB-909A-28D7B6C6A21B", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_web_client:9.31:*:*:*:*:*:*:*", "matchCriteriaId": "112FC29D-F312-4746-8244-6748EC8C4FF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_web_client:9.32:*:*:*:*:*:*:*", "matchCriteriaId": "5118E52C-3E67-412E-A6CC-58B3F26024B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_web_client:9.33:*:*:*:*:*:*:*", "matchCriteriaId": "1336FD12-2914-4E09-AB69-88245A185DAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_web_client:9.34:*:*:*:*:*:*:*", "matchCriteriaId": "F0A7D280-01BF-4E80-8466-48271FA37473", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_web_client:9.35:*:*:*:*:*:*:*", "matchCriteriaId": "65D63905-9607-40F0-83B4-82A90E7948A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_web_client:9.40:*:*:*:*:*:*:*", "matchCriteriaId": "1DC65FFA-3F68-48D0-932E-2CCA9124259A", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_web_client:9.41:*:*:*:*:*:*:*", "matchCriteriaId": "931ED391-626B-4020-A160-9ED52D93EE0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_windows_client:9.30:*:*:*:*:*:*:*", "matchCriteriaId": "008CD132-6493-4C4E-A830-30C9D7E0C3F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_windows_client:9.31:*:*:*:*:*:*:*", "matchCriteriaId": "D9EDF881-60D2-4F43-9167-4DCE853F3ADF", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_windows_client:9.32:*:*:*:*:*:*:*", "matchCriteriaId": "A71BBD49-6401-4671-AC18-3F8DB938419E", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_windows_client:9.33:*:*:*:*:*:*:*", "matchCriteriaId": "4CE6AACE-858A-4533-BFFD-BB8C9FA65CFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_windows_client:9.34:*:*:*:*:*:*:*", "matchCriteriaId": "4BCAE022-8C7B-4EEF-9E11-145157C037DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_windows_client:9.35:*:*:*:*:*:*:*", "matchCriteriaId": "F0716278-E5E2-44A1-94C9-2A9C9B784B2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_windows_client:9.40:*:*:*:*:*:*:*", "matchCriteriaId": "FC240297-846D-48FB-BCB3-3055FC2641B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:service_manager_windows_client:9.41:*:*:*:*:*:*:*", "matchCriteriaId": "74B8110F-685D-404D-B742-05DB1D6E416E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components."}, {"lang": "es", "value": "HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40 y 9.41 permite a usuarios remotos autenticados obtener informaci\u00f3n sensible, modificar datos y llevar a cabo ataques de SSRF a trav\u00e9s de vectores no especificados, relacionado con los componentes Server, Web Client, Windows Client y Service Request."}], "id": "CVE-2016-4371", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-06-19T01:59:07.247", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:hp:service_manager:9.30:*:*:*:*:*:*:* (string)

matchCriteriaId : F32B79D7-0C89-475B-B714-3CB1D7064491 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:hp:service_manager:9.31:*:*:*:*:*:*:* (string)

matchCriteriaId : F3065EC7-1FE4-4715-BF04-09D7CB7F9C8A (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:hp:service_manager:9.32:*:*:*:*:*:*:* (string)

matchCriteriaId : 05C97132-741B-4EA8-9023-CAD01A7651EF (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:hp:service_manager:9.33:*:*:*:*:*:*:* (string)

matchCriteriaId : DDE568ED-E354-4943-987E-35A796DCE0D0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:hp:service_manager:9.34:*:*:*:*:*:*:* (string)

matchCriteriaId : 6AFCACDA-F200-4CA8-934A-DA8C89B7B4DF (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:hp:service_manager:9.35:*:*:*:*:*:*:* (string)

matchCriteriaId : FB8AEB78-8437-4A12-BE8E-4876BB84D13C (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:hp:service_manager:9.40:*:*:*:*:*:*:* (string)

matchCriteriaId : 32058060-DE9B-41DB-8DEF-871ED464FECB (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:hp:service_manager:9.41:*:*:*:*:*:*:* (string)

matchCriteriaId : 8D9E9027-0259-4DFD-8621-2AE778EE1ABD (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:hp:service_manager_mobility:9.30:*:*:*:*:*:*:* (string)

matchCriteriaId : 8405E87D-FF4D-4505-B8EF-D8D473D73378 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:hp:service_manager_mobility:9.31:*:*:*:*:*:*:* (string)

matchCriteriaId : 39ACD174-D7E4-486E-A79E-5839B3955C85 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:hp:service_manager_mobility:9.32:*:*:*:*:*:*:* (string)

matchCriteriaId : 65EEA823-86F4-46E4-87FA-6457F34F52DE (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:hp:service_manager_mobility:9.33:*:*:*:*:*:*:* (string)

matchCriteriaId : 5DD6DF0E-3F6C-47F8-A7DF-6501E3366BB9 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:hp:service_manager_mobility:9.34:*:*:*:*:*:*:* (string)

matchCriteriaId : 95D94475-E9D1-4EFF-A898-B593EB02B97F (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:hp:service_manager_mobility:9.35:*:*:*:*:*:*:* (string)

matchCriteriaId : 32F4F277-E82A-454A-B19F-E11DFD821ED0 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:hp:service_manager_mobility:9.40:*:*:*:*:*:*:* (string)

matchCriteriaId : 28762966-4C03-4321-8E04-EFED4B98A784 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:hp:service_manager_mobility:9.41:*:*:*:*:*:*:* (string)

matchCriteriaId : 8436E2A3-DA68-497C-AEAB-A4270292393D (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:hp:service_manager_server:9.30:*:*:*:*:*:*:* (string)

matchCriteriaId : F8FB44F2-9988-4C30-96E9-CBFED370A652 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:hp:service_manager_server:9.31:*:*:*:*:*:*:* (string)

matchCriteriaId : 15D64036-E6B6-4738-8DC9-22E6744C8F53 (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:hp:service_manager_server:9.32:*:*:*:*:*:*:* (string)

matchCriteriaId : 5169182D-9CB1-4C85-969D-BBBCE00ADADB (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:hp:service_manager_server:9.33:*:*:*:*:*:*:* (string)

matchCriteriaId : 08D3E61E-2365-4785-ADB3-CD6A9BCF4781 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:hp:service_manager_server:9.34:*:*:*:*:*:*:* (string)

matchCriteriaId : BDF7A325-BC30-4025-AACC-09E641F50E42 (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:hp:service_manager_server:9.35:*:*:*:*:*:*:* (string)

matchCriteriaId : 3850DBFD-EBA9-4FB2-BD27-C99198ECE2C1 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:hp:service_manager_server:9.40:*:*:*:*:*:*:* (string)

matchCriteriaId : 432262E6-9DAB-491D-918A-FED8365038B9 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:hp:service_manager_server:9.41:*:*:*:*:*:*:* (string)

matchCriteriaId : D34D0F6B-2D88-4BB3-86BC-93B2B61281EF (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:a:hp:service_manager_service_request_catalog:9.30:*:*:*:*:*:*:* (string)

matchCriteriaId : DBCE8B29-67BF-4ABB-BDE6-CF3C2775FEA6 (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:a:hp:service_manager_service_request_catalog:9.31:*:*:*:*:*:*:* (string)

matchCriteriaId : 3AE00049-6F59-4CDC-883F-29187DDA4E56 (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:a:hp:service_manager_service_request_catalog:9.32:*:*:*:*:*:*:* (string)

matchCriteriaId : 2FAC1883-3ED7-4934-9580-EEEBE38E107A (string)

vulnerable : true (boolean)

}

27 : { »

criteria : cpe:2.3:a:hp:service_manager_service_request_catalog:9.33:*:*:*:*:*:*:* (string)

matchCriteriaId : 59D81CD3-C3FA-4A27-AAD3-4F5DE94B54F2 (string)

vulnerable : true (boolean)

}

28 : { »

criteria : cpe:2.3:a:hp:service_manager_service_request_catalog:9.34:*:*:*:*:*:*:* (string)

matchCriteriaId : C136B2E0-2576-4026-90E0-BEDFA3AA45D3 (string)

vulnerable : true (boolean)

}

29 : { »

criteria : cpe:2.3:a:hp:service_manager_service_request_catalog:9.35:*:*:*:*:*:*:* (string)

matchCriteriaId : 6C4AF70D-FA19-4F83-9BDF-0A0D626C2F60 (string)

vulnerable : true (boolean)

}

30 : { »

criteria : cpe:2.3:a:hp:service_manager_service_request_catalog:9.40:*:*:*:*:*:*:* (string)

matchCriteriaId : A9223D22-CFBC-4226-8ADA-1F59FAF67430 (string)

vulnerable : true (boolean)

}

31 : { »

criteria : cpe:2.3:a:hp:service_manager_service_request_catalog:9.41:*:*:*:*:*:*:* (string)

matchCriteriaId : 77C58A27-F3DB-4265-BDE2-BD7D811CFEDE (string)

vulnerable : true (boolean)

}

32 : { »

criteria : cpe:2.3:a:hp:service_manager_web_client:9.30:*:*:*:*:*:*:* (string)

matchCriteriaId : 31ED5515-0204-40AB-909A-28D7B6C6A21B (string)

vulnerable : true (boolean)

}

33 : { »

criteria : cpe:2.3:a:hp:service_manager_web_client:9.31:*:*:*:*:*:*:* (string)

matchCriteriaId : 112FC29D-F312-4746-8244-6748EC8C4FF0 (string)

vulnerable : true (boolean)

}

34 : { »

criteria : cpe:2.3:a:hp:service_manager_web_client:9.32:*:*:*:*:*:*:* (string)

matchCriteriaId : 5118E52C-3E67-412E-A6CC-58B3F26024B4 (string)

vulnerable : true (boolean)

}

35 : { »

criteria : cpe:2.3:a:hp:service_manager_web_client:9.33:*:*:*:*:*:*:* (string)

matchCriteriaId : 1336FD12-2914-4E09-AB69-88245A185DAC (string)

vulnerable : true (boolean)

}

36 : { »

criteria : cpe:2.3:a:hp:service_manager_web_client:9.34:*:*:*:*:*:*:* (string)

matchCriteriaId : F0A7D280-01BF-4E80-8466-48271FA37473 (string)

vulnerable : true (boolean)

}

37 : { »

criteria : cpe:2.3:a:hp:service_manager_web_client:9.35:*:*:*:*:*:*:* (string)

matchCriteriaId : 65D63905-9607-40F0-83B4-82A90E7948A8 (string)

vulnerable : true (boolean)

}

38 : { »

criteria : cpe:2.3:a:hp:service_manager_web_client:9.40:*:*:*:*:*:*:* (string)

matchCriteriaId : 1DC65FFA-3F68-48D0-932E-2CCA9124259A (string)

vulnerable : true (boolean)

}

39 : { »

criteria : cpe:2.3:a:hp:service_manager_web_client:9.41:*:*:*:*:*:*:* (string)

matchCriteriaId : 931ED391-626B-4020-A160-9ED52D93EE0C (string)

vulnerable : true (boolean)

}

40 : { »

criteria : cpe:2.3:a:hp:service_manager_windows_client:9.30:*:*:*:*:*:*:* (string)

matchCriteriaId : 008CD132-6493-4C4E-A830-30C9D7E0C3F0 (string)

vulnerable : true (boolean)

}

41 : { »

criteria : cpe:2.3:a:hp:service_manager_windows_client:9.31:*:*:*:*:*:*:* (string)

matchCriteriaId : D9EDF881-60D2-4F43-9167-4DCE853F3ADF (string)

vulnerable : true (boolean)

}

42 : { »

criteria : cpe:2.3:a:hp:service_manager_windows_client:9.32:*:*:*:*:*:*:* (string)

matchCriteriaId : A71BBD49-6401-4671-AC18-3F8DB938419E (string)

vulnerable : true (boolean)

}

43 : { »

criteria : cpe:2.3:a:hp:service_manager_windows_client:9.33:*:*:*:*:*:*:* (string)

matchCriteriaId : 4CE6AACE-858A-4533-BFFD-BB8C9FA65CFA (string)

vulnerable : true (boolean)

}

44 : { »

criteria : cpe:2.3:a:hp:service_manager_windows_client:9.34:*:*:*:*:*:*:* (string)

matchCriteriaId : 4BCAE022-8C7B-4EEF-9E11-145157C037DF (string)

vulnerable : true (boolean)

}

45 : { »

criteria : cpe:2.3:a:hp:service_manager_windows_client:9.35:*:*:*:*:*:*:* (string)

matchCriteriaId : F0716278-E5E2-44A1-94C9-2A9C9B784B2D (string)

vulnerable : true (boolean)

}

46 : { »

criteria : cpe:2.3:a:hp:service_manager_windows_client:9.40:*:*:*:*:*:*:* (string)

matchCriteriaId : FC240297-846D-48FB-BCB3-3055FC2641B4 (string)

vulnerable : true (boolean)

}

47 : { »

criteria : cpe:2.3:a:hp:service_manager_windows_client:9.41:*:*:*:*:*:*:* (string)

matchCriteriaId : 74B8110F-685D-404D-B742-05DB1D6E416E (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components. (string)

}

1 : { »

lang : es (string)

value : HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40 y 9.41 permite a usuarios remotos autenticados obtener información sensible, modificar datos y llevar a cabo ataques de SSRF a través de vectores no especificados, relacionado con los componentes Server, Web Client, Windows Client y Service Request. (string)

}

]

id : CVE-2016-4371 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : SINGLE (string)

availabilityImpact : PARTIAL (string)

baseScore : 6 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:S/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 6.8 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 2.1 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2016-06-19T01:59:07.247 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-352 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object