NVD - CVE-2016-4371

Vulnerability Change Records for CVE-2016-4371

Change History

Modified Analysis by NIST 6/21/2016 6:26:04 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		Configuration 1 OR cpe:2.3:a:hp:service_manager_mobility:9.41::::::: cpe:2.3:a:hp:service_manager_mobility:9.40::::::: cpe:2.3:a:hp:service_manager_mobility:9.35::::::: cpe:2.3:a:hp:service_manager_mobility:9.34::::::: cpe:2.3:a:hp:service_manager_mobility:9.33::::::: cpe:2.3:a:hp:service_manager_mobility:9.32::::::: cpe:2.3:a:hp:service_manager_mobility:9.31::::::: cpe:2.3:a:hp:service_manager_mobility:9.30::::::: cpe:2.3:a:hp:service_manager_service_request_catalog:9.41::::::: cpe:2.3:a:hp:service_manager_service_request_catalog:9.40::::::: cpe:2.3:a:hp:service_manager_service_request_catalog:9.35::::::: cpe:2.3:a:hp:service_manager_service_request_catalog:9.34::::::: cpe:2.3:a:hp:service_manager_service_request_catalog:9.33::::::: cpe:2.3:a:hp:service_manager_service_request_catalog:9.32::::::: cpe:2.3:a:hp:service_manager_service_request_catalog:9.31::::::: cpe:2.3:a:hp:service_manager_service_request_catalog:9.30::::::: cpe:2.3:a:hp:service_manager_windows_client:9.41::::::: cpe:2.3:a:hp:service_manager_windows_client:9.40::::::: cpe:2.3:a:hp:service_manager_windows_client:9.35::::::: cpe:2.3:a:hp:service_manager_windows_client:9.34::::::: cpe:2.3:a:hp:service_manager_windows_client:9.33::::::: cpe:2.3:a:hp:service_manager_windows_client:9.32::::::: cpe:2.3:a:hp:service_manager_windows_client:9.31::::::: cpe:2.3:a:hp:service_manager_windows_client:9.30::::::: cpe:2.3:a:hp:service_manager_web_client:9.41::::::: cpe:2.3:a:hp:service_manager_web_client:9.40::::::: cpe:2.3:a:hp:service_manager_web_client:9.35::::::: cpe:2.3:a:hp:service_manager_web_client:9.34::::::: cpe:2.3:a:hp:service_manager_web_client:9.33::::::: cpe:2.3:a:hp:service_manager_web_client:9.32::::::: cpe:2.3:a:hp:service_manager_web_client:9.31::::::: cpe:2.3:a:hp:service_manager_web_client:9.30::::::: cpe:2.3:a:hp:service_manager_server:9.41::::::: cpe:2.3:a:hp:service_manager_server:9.40::::::: cpe:2.3:a:hp:service_manager_server:9.35::::::: cpe:2.3:a:hp:service_manager_server:9.34::::::: cpe:2.3:a:hp:service_manager_server:9.33::::::: cpe:2.3:a:hp:service_manager_server:9.32::::::: cpe:2.3:a:hp:service_manager_server:9.31::::::: cpe:2.3:a:hp:service_manager_server:9.30::::::: cpe:2.3:a:hp:service_manager:9.41::::::: cpe:2.3:a:hp:service_manager:9.40::::::: cpe:2.3:a:hp:service_manager:9.35::::::: cpe:2.3:a:hp:service_manager:9.34::::::: cpe:2.3:a:hp:service_manager:9.33::::::: cpe:2.3:a:hp:service_manager:9.32::::::: cpe:2.3:a:hp:service_manager:9.31::::::: cpe:2.3:a:hp:service_manager:9.30:::::::
Added	CVSS V2		(AV:N/AC:M/Au:S/C:P/I:P/A:P)
Added	CVSS V3		AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Added	CWE		CWE-352
Changed	Description	HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components.	HP Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the Server, Web Client, Windows Client, and Service Request components.
Changed	Reference Type	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176 No Types Assigned	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167176 Advisory