CVE-2016-2025

Published: May 30, 2016Modified: May 6, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Catalog, and Mobility components.

Affected (8)

Products: Hp: Service Manager

1 product

Service Manager

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Hp Service Manager	Version 9.30
Hp Service Manager	Version 9.31
Hp Service Manager	Version 9.32
Hp Service Manager	Version 9.33
Hp Service Manager	Version 9.34
Hp Service Manager	Version 9.35
Hp Service Manager	Version 9.40
Hp Service Manager	Version 9.41

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www.securitytracker.com/id/1035954

Source: cve@mitre.org

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149290

Source: cve@mitre.org

PatchVendor Advisory

http://www.securitytracker.com/id/1035954

Source: af854a3a-2127-422b-91ae-364da2661108

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149290

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.