CVE-2013-4836

EUVD-2013-4681
Unspecified vulnerability in the GossipService SOAP Request implementation in the Synchronizer component before 1.4.2 in HP Application LifeCycle Management (ALM) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1759.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
hpalm_synchronizer
𝑥
≤ 1.41
hpalm_synchronizer
1.10
hpalm_synchronizer
1.20
hpalm_synchronizer
1.30
hpalm_synchronizer
1.40
𝑥
= Vulnerable software versions
References
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03969436
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03969436