Vulnerability Description
Remote SQL Injection against the HP Service Manager Software Web Tier, version 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, may lead to unauthorized disclosure of data.
CVSS Score
5.4
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microfocus | Service Manager | 9.30 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/104141
- http://www.securitytracker.com/id/1040902
- https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM031586
- http://www.securityfocus.com/bid/104141
- http://www.securitytracker.com/id/1040902
- https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM031586
FAQ
What is CVE-2018-6494?
CVE-2018-6494 is a vulnerability with a CVSS score of 5.4 (MEDIUM). Remote SQL Injection against the HP Service Manager Software Web Tier, version 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, may lead to unauthorized disclosure of data.
How severe is CVE-2018-6494?
CVE-2018-6494 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-6494?
Check the references section above for vendor advisories and patch information. Affected products include: Microfocus Service Manager.