Access Bypass Vulnerability in HP Service Manager by HP
CVE-2014-2634

Currently unrated

Key Information:

Vendor: HP
Status: Service Manager
Vendor: CVE Published:; 23 August 2014

Summary

An unspecified vulnerability exists in the server component of HP Service Manager, particularly affecting versions 7.21 and 9.x prior to 9.34. This flaw enables remote attackers to bypass established access restrictions, allowing them to manipulate data unauthorizedly or induce a denial of service. The vectors for exploitation remain unclear, which poses an increased risk for organizations relying on this management software.

References

http://www.securityfocus.com/bid/69379

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1030756

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/95450

vdb-entryx_refsource_XF

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 23, 2014
Vulnerability Reserved
Mar 24, 2014