Unspecified SSRF and Information Disclosure Vulnerabilities in HPE Service Manager Software

Unspecified SSRF and Information Disclosure Vulnerabilities in HPE Service Manager Software

CVE-2016-4371 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:P

HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components.

Learn more about our Web App Pen Testing.