Security Alert: HP Service Manager and ServiceCenter, Cross Site Scripting (XSS) and Disclosure of Information

Posted by Jerrod Davenport  I  June 20, 13

Two potential security vulnerabilities have been identified with HP Service Manager and HP ServiceCenter running on AIX, HP-UX, intelLinux, sparcSOL, and Windows Server. The vulnerabilities could be exploited remotely resulting in the disclosure of information or via cross site scripting.

Techport Thirteen is an HP software partner

Supported Software Versions (only impacted versions are listed):

  • HP Service Manager v9.31, v9.30, v9.21, and v7.11 for AIX, HP-UX, intelLinux, sparcSOL, Windows server
  • HP ServiceCenter v6.2.8 for AIX, HP-UX, intelLinux, sparcSOL, Windows server

Resolution:

HP has provided updates for impacted versions. Please download the correct update from Software Support Online (SSO).

System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

Have additional support questions for your HP Service Manager or ServiceCenter solutions? Let us know how we can help.

Tags:  HP Service Manager