HIGH🇵🇱 Wersja polska

CVE-2013-4836

CVSS 7.5v2.0pub. 2013-11-04upd. 2026-04-29

Unspecified vulnerability in the GossipService SOAP Request implementation in the Synchronizer component before 1.4.2 in HP Application LifeCycle Management (ALM) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1759.

CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • HP Alm Synchronizer

    APP
    Hp
    1.101.201.301.40≤ 1.41
  • HP Application Lifecycle Management

    APP
    Hp
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2013-4810CRITICAL9.8⚠ KEVten sam produkt

HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application ...

CVE-2013-4834HIGH7.5ten sam produkt

Unspecified vulnerability in the client component in HP Application LifeCycle Management (ALM) before 11 p11 a...

CVE-2014-2631MEDIUM4.6ten sam produkt

Unspecified vulnerability in HP Application Lifecycle Management (aka Quality Center) 11.5x and 12.0x allows l...

CVE-2013-4802MEDIUM4.3ten sam produkt

Cross-site scripting (XSS) vulnerability in HP Application Lifecycle Management (ALM) Quality Center before 11...

CVE-2017-5638CRITICAL9.8⚠ KEVten sam vendor

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect ex...