Search criteria
48 vulnerabilities found for support_assistant by hp
FKIE_CVE-2022-23455
Vulnerability from fkie_nvd - Published: 2023-02-01 07:15 - Updated: 2025-03-27 19:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | support_assistant | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:support_assistant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD4D0FD-F788-4F4D-AE4E-B45D0BD0F37C",
"versionEndExcluding": "9.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files."
}
],
"id": "CVE-2022-23455",
"lastModified": "2025-03-27T19:15:43.817",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-02-01T07:15:10.047",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-23453
Vulnerability from fkie_nvd - Published: 2023-02-01 07:15 - Updated: 2025-03-27 16:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | support_assistant | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:support_assistant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD4D0FD-F788-4F4D-AE4E-B45D0BD0F37C",
"versionEndExcluding": "9.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files."
}
],
"id": "CVE-2022-23453",
"lastModified": "2025-03-27T16:15:15.710",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-02-01T07:15:09.577",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-23454
Vulnerability from fkie_nvd - Published: 2023-02-01 07:15 - Updated: 2025-03-27 16:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | support_assistant | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:support_assistant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD4D0FD-F788-4F4D-AE4E-B45D0BD0F37C",
"versionEndExcluding": "9.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files."
}
],
"id": "CVE-2022-23454",
"lastModified": "2025-03-27T16:15:15.970",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-02-01T07:15:09.833",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-38395
Vulnerability from fkie_nvd - Published: 2022-12-12 13:15 - Updated: 2025-04-29 19:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance Tune-up.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | fusion | * | |
| hp | support_assistant | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F188B38C-D8CC-4301-AD55-ADF9A2792362",
"versionEndExcluding": "1.38.2601.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:support_assistant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD4D0FD-F788-4F4D-AE4E-B45D0BD0F37C",
"versionEndExcluding": "9.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance Tune-up."
},
{
"lang": "es",
"value": "HP Support Assistant utiliza HP Performance Tune-up como herramienta de diagn\u00f3stico. HP Support Assistant utiliza Fusion para iniciar HP Performance Tune-up. Es posible que un atacante aproveche la vulnerabilidad de secuestro de DLL y eleve los privilegios cuando Fusion inicia HP Performance Tune-up."
}
],
"id": "CVE-2022-38395",
"lastModified": "2025-04-29T19:15:51.787",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-12-12T13:15:14.420",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_6788123-6788147-16/hpsbhf03809"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_6788123-6788147-16/hpsbhf03809"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2020-6918
Vulnerability from fkie_nvd - Published: 2022-02-16 17:15 - Updated: 2024-11-21 05:36
Severity ?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | support_assistant | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:support_assistant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD4D0FD-F788-4F4D-AE4E-B45D0BD0F37C",
"versionEndExcluding": "9.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
},
{
"lang": "es",
"value": "En el software HP Support Assistant han sido identificadas posibles vulnerabilidades de seguridad que incluyen el compromiso de la integridad y la comunicaci\u00f3n permitida con clientes que no son confiables"
}
],
"id": "CVE-2020-6918",
"lastModified": "2024-11-21T05:36:21.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-16T17:15:10.007",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-6920
Vulnerability from fkie_nvd - Published: 2022-02-16 17:15 - Updated: 2024-11-21 05:36
Severity ?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | support_assistant | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:support_assistant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD4D0FD-F788-4F4D-AE4E-B45D0BD0F37C",
"versionEndExcluding": "9.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
},
{
"lang": "es",
"value": "En el software HP Support Assistant han sido identificadas posibles vulnerabilidades de seguridad que incluyen el compromiso de la integridad y la comunicaci\u00f3n permitida con clientes que no son confiables"
}
],
"id": "CVE-2020-6920",
"lastModified": "2024-11-21T05:36:21.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-16T17:15:10.123",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-6922
Vulnerability from fkie_nvd - Published: 2022-02-16 17:15 - Updated: 2024-11-21 05:36
Severity ?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | support_assistant | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:support_assistant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD4D0FD-F788-4F4D-AE4E-B45D0BD0F37C",
"versionEndExcluding": "9.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
},
{
"lang": "es",
"value": "En el software HP Support Assistant han sido identificadas posibles vulnerabilidades de seguridad que incluyen el compromiso de la integridad y la comunicaci\u00f3n permitida con clientes que no son confiables"
}
],
"id": "CVE-2020-6922",
"lastModified": "2024-11-21T05:36:21.743",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-16T17:15:10.240",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-6919
Vulnerability from fkie_nvd - Published: 2022-02-16 17:15 - Updated: 2024-11-21 05:36
Severity ?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | support_assistant | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:support_assistant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD4D0FD-F788-4F4D-AE4E-B45D0BD0F37C",
"versionEndExcluding": "9.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
},
{
"lang": "es",
"value": "En el software HP Support Assistant han sido identificadas posibles vulnerabilidades de seguridad que incluyen el compromiso de la integridad y la comunicaci\u00f3n permitida con clientes que no son confiables"
}
],
"id": "CVE-2020-6919",
"lastModified": "2024-11-21T05:36:21.460",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-16T17:15:10.067",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-6921
Vulnerability from fkie_nvd - Published: 2022-02-16 17:15 - Updated: 2024-11-21 05:36
Severity ?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | support_assistant | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:support_assistant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD4D0FD-F788-4F4D-AE4E-B45D0BD0F37C",
"versionEndExcluding": "9.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
},
{
"lang": "es",
"value": "En el software HP Support Assistant han sido identificadas posibles vulnerabilidades de seguridad que incluyen el compromiso de la integridad y la comunicaci\u00f3n permitida con clientes que no son confiables"
}
],
"id": "CVE-2020-6921",
"lastModified": "2024-11-21T05:36:21.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-16T17:15:10.183",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-6917
Vulnerability from fkie_nvd - Published: 2022-02-16 17:15 - Updated: 2024-11-21 05:36
Severity ?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | support_assistant | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:support_assistant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD4D0FD-F788-4F4D-AE4E-B45D0BD0F37C",
"versionEndExcluding": "9.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
},
{
"lang": "es",
"value": "En el software HP Support Assistant han sido identificadas posibles vulnerabilidades de seguridad que incluyen el compromiso de la integridad y la comunicaci\u00f3n permitida con clientes que no son confiables"
}
],
"id": "CVE-2020-6917",
"lastModified": "2024-11-21T05:36:21.253",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-16T17:15:09.943",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-23455 (GCVE-0-2022-23455)
Vulnerability from cvelistv5 – Published: 2023-01-30 21:36 – Updated: 2025-03-27 18:57
VLAI?
Summary
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
Severity ?
7.8 (High)
CWE
- n/a
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP Support Assistant |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:46.108Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-23455",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-27T18:57:11.546681Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T18:57:54.443Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-01T06:15:59.102Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-23455",
"datePublished": "2023-01-30T21:36:24.359Z",
"dateReserved": "2022-01-19T16:54:44.046Z",
"dateUpdated": "2025-03-27T18:57:54.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23454 (GCVE-0-2022-23454)
Vulnerability from cvelistv5 – Published: 2023-01-30 21:35 – Updated: 2025-03-27 15:13
VLAI?
Summary
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
Severity ?
7.8 (High)
CWE
- n/a
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP Support Assistant |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:45.925Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-23454",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-27T15:12:25.467499Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T15:13:33.753Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-01T06:15:59.102Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-23454",
"datePublished": "2023-01-30T21:35:42.349Z",
"dateReserved": "2022-01-19T16:54:44.046Z",
"dateUpdated": "2025-03-27T15:13:33.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23453 (GCVE-0-2022-23453)
Vulnerability from cvelistv5 – Published: 2023-01-30 21:34 – Updated: 2025-03-27 15:14
VLAI?
Summary
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
Severity ?
7.8 (High)
CWE
- n/a
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP Support Assistant |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:45.915Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-23453",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-27T15:14:13.064659Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T15:14:57.184Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-01T06:15:59.102Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-23453",
"datePublished": "2023-01-30T21:34:48.942Z",
"dateReserved": "2022-01-19T16:54:44.045Z",
"dateUpdated": "2025-03-27T15:14:57.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38395 (GCVE-0-2022-38395)
Vulnerability from cvelistv5 – Published: 2022-11-18 20:52 – Updated: 2025-04-29 18:35
VLAI?
Summary
HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance Tune-up.
Severity ?
7.8 (High)
CWE
- n/a
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP Support Assistant |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:54:03.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_6788123-6788147-16/hpsbhf03809"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-38395",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-29T18:34:43.793729Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-29T18:35:19.184Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance Tune-up."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-12T12:11:04.548Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_6788123-6788147-16/hpsbhf03809"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-38395",
"datePublished": "2022-11-18T20:52:28.312Z",
"dateReserved": "2022-08-17T21:59:36.744Z",
"dateUpdated": "2025-04-29T18:35:19.184Z",
"requesterUserId": "e0158710-d811-4b94-9318-6cef34bebe03",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6920 (GCVE-0-2020-6920)
Vulnerability from cvelistv5 – Published: 2022-02-16 16:38 – Updated: 2024-08-04 09:18
VLAI?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
Severity ?
No CVSS data available.
CWE
- Compromise of Integrity, Allowed Communication with Untrusted Clients
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP Support Assistant |
Affected:
before 9.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:01.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 9.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Compromise of Integrity, Allowed Communication with Untrusted Clients",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-20T15:18:31",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2020-6920",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Support Assistant",
"version": {
"version_data": [
{
"version_value": "before 9.11"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Compromise of Integrity, Allowed Communication with Untrusted Clients"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5585999-5586023-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md",
"refsource": "MISC",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2020-6920",
"datePublished": "2022-02-16T16:38:09",
"dateReserved": "2020-01-13T00:00:00",
"dateUpdated": "2024-08-04T09:18:01.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6921 (GCVE-0-2020-6921)
Vulnerability from cvelistv5 – Published: 2022-02-16 16:38 – Updated: 2024-08-04 09:18
VLAI?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
Severity ?
No CVSS data available.
CWE
- Compromise of Integrity, Allowed Communication with Untrusted Clients
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP Support Assistant |
Affected:
before 9.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:01.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 9.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Compromise of Integrity, Allowed Communication with Untrusted Clients",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-20T15:18:25",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2020-6921",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Support Assistant",
"version": {
"version_data": [
{
"version_value": "before 9.11"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Compromise of Integrity, Allowed Communication with Untrusted Clients"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5585999-5586023-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md",
"refsource": "MISC",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2020-6921",
"datePublished": "2022-02-16T16:38:09",
"dateReserved": "2020-01-13T00:00:00",
"dateUpdated": "2024-08-04T09:18:01.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6922 (GCVE-0-2020-6922)
Vulnerability from cvelistv5 – Published: 2022-02-16 16:38 – Updated: 2024-08-04 09:18
VLAI?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
Severity ?
No CVSS data available.
CWE
- Compromise of Integrity, Allowed Communication with Untrusted Clients
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP Support Assistant |
Affected:
before 9.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:02.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 9.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Compromise of Integrity, Allowed Communication with Untrusted Clients",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-20T15:18:04",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2020-6922",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Support Assistant",
"version": {
"version_data": [
{
"version_value": "before 9.11"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Compromise of Integrity, Allowed Communication with Untrusted Clients"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5585999-5586023-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md",
"refsource": "MISC",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2020-6922",
"datePublished": "2022-02-16T16:38:01",
"dateReserved": "2020-01-13T00:00:00",
"dateUpdated": "2024-08-04T09:18:02.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6917 (GCVE-0-2020-6917)
Vulnerability from cvelistv5 – Published: 2022-02-16 16:38 – Updated: 2024-08-04 09:18
VLAI?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
Severity ?
No CVSS data available.
CWE
- Compromise of Integrity, Allowed Communication with Untrusted Clients
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP Support Assistant |
Affected:
before 9.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:01.628Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 9.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Compromise of Integrity, Allowed Communication with Untrusted Clients",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-20T15:18:43",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2020-6917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Support Assistant",
"version": {
"version_data": [
{
"version_value": "before 9.11"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Compromise of Integrity, Allowed Communication with Untrusted Clients"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5585999-5586023-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md",
"refsource": "MISC",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2020-6917",
"datePublished": "2022-02-16T16:38:00",
"dateReserved": "2020-01-13T00:00:00",
"dateUpdated": "2024-08-04T09:18:01.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6919 (GCVE-0-2020-6919)
Vulnerability from cvelistv5 – Published: 2022-02-16 16:37 – Updated: 2024-08-04 09:18
VLAI?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
Severity ?
No CVSS data available.
CWE
- Compromise of Integrity, Allowed Communication with Untrusted Clients
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP Support Assistant |
Affected:
before 9.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:01.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 9.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Compromise of Integrity, Allowed Communication with Untrusted Clients",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-20T15:18:35",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2020-6919",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Support Assistant",
"version": {
"version_data": [
{
"version_value": "before 9.11"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Compromise of Integrity, Allowed Communication with Untrusted Clients"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5585999-5586023-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md",
"refsource": "MISC",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2020-6919",
"datePublished": "2022-02-16T16:37:59",
"dateReserved": "2020-01-13T00:00:00",
"dateUpdated": "2024-08-04T09:18:01.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6918 (GCVE-0-2020-6918)
Vulnerability from cvelistv5 – Published: 2022-02-16 16:37 – Updated: 2024-08-04 09:18
VLAI?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
Severity ?
No CVSS data available.
CWE
- Compromise of Integrity, Allowed Communication with Untrusted Clients
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP Support Assistant |
Affected:
before 9.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:01.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 9.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Compromise of Integrity, Allowed Communication with Untrusted Clients",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-20T15:18:39",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2020-6918",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Support Assistant",
"version": {
"version_data": [
{
"version_value": "before 9.11"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Compromise of Integrity, Allowed Communication with Untrusted Clients"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5585999-5586023-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md",
"refsource": "MISC",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2020-6918",
"datePublished": "2022-02-16T16:37:58",
"dateReserved": "2020-01-13T00:00:00",
"dateUpdated": "2024-08-04T09:18:01.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23455 (GCVE-0-2022-23455)
Vulnerability from nvd – Published: 2023-01-30 21:36 – Updated: 2025-03-27 18:57
VLAI?
Summary
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
Severity ?
7.8 (High)
CWE
- n/a
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP Support Assistant |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:46.108Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-23455",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-27T18:57:11.546681Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T18:57:54.443Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-01T06:15:59.102Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-23455",
"datePublished": "2023-01-30T21:36:24.359Z",
"dateReserved": "2022-01-19T16:54:44.046Z",
"dateUpdated": "2025-03-27T18:57:54.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23454 (GCVE-0-2022-23454)
Vulnerability from nvd – Published: 2023-01-30 21:35 – Updated: 2025-03-27 15:13
VLAI?
Summary
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
Severity ?
7.8 (High)
CWE
- n/a
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP Support Assistant |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:45.925Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-23454",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-27T15:12:25.467499Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T15:13:33.753Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-01T06:15:59.102Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-23454",
"datePublished": "2023-01-30T21:35:42.349Z",
"dateReserved": "2022-01-19T16:54:44.046Z",
"dateUpdated": "2025-03-27T15:13:33.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23453 (GCVE-0-2022-23453)
Vulnerability from nvd – Published: 2023-01-30 21:34 – Updated: 2025-03-27 15:14
VLAI?
Summary
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
Severity ?
7.8 (High)
CWE
- n/a
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP Support Assistant |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:43:45.915Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-23453",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-27T15:14:13.064659Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T15:14:57.184Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-01T06:15:59.102Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-23453",
"datePublished": "2023-01-30T21:34:48.942Z",
"dateReserved": "2022-01-19T16:54:44.045Z",
"dateUpdated": "2025-03-27T15:14:57.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38395 (GCVE-0-2022-38395)
Vulnerability from nvd – Published: 2022-11-18 20:52 – Updated: 2025-04-29 18:35
VLAI?
Summary
HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance Tune-up.
Severity ?
7.8 (High)
CWE
- n/a
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP Support Assistant |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:54:03.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_6788123-6788147-16/hpsbhf03809"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-38395",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-29T18:34:43.793729Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-29T18:35:19.184Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance Tune-up."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-12T12:11:04.548Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_6788123-6788147-16/hpsbhf03809"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-38395",
"datePublished": "2022-11-18T20:52:28.312Z",
"dateReserved": "2022-08-17T21:59:36.744Z",
"dateUpdated": "2025-04-29T18:35:19.184Z",
"requesterUserId": "e0158710-d811-4b94-9318-6cef34bebe03",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6920 (GCVE-0-2020-6920)
Vulnerability from nvd – Published: 2022-02-16 16:38 – Updated: 2024-08-04 09:18
VLAI?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
Severity ?
No CVSS data available.
CWE
- Compromise of Integrity, Allowed Communication with Untrusted Clients
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP Support Assistant |
Affected:
before 9.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:01.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 9.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Compromise of Integrity, Allowed Communication with Untrusted Clients",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-20T15:18:31",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2020-6920",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Support Assistant",
"version": {
"version_data": [
{
"version_value": "before 9.11"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Compromise of Integrity, Allowed Communication with Untrusted Clients"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5585999-5586023-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md",
"refsource": "MISC",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2020-6920",
"datePublished": "2022-02-16T16:38:09",
"dateReserved": "2020-01-13T00:00:00",
"dateUpdated": "2024-08-04T09:18:01.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6921 (GCVE-0-2020-6921)
Vulnerability from nvd – Published: 2022-02-16 16:38 – Updated: 2024-08-04 09:18
VLAI?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
Severity ?
No CVSS data available.
CWE
- Compromise of Integrity, Allowed Communication with Untrusted Clients
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP Support Assistant |
Affected:
before 9.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:01.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 9.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Compromise of Integrity, Allowed Communication with Untrusted Clients",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-20T15:18:25",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2020-6921",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Support Assistant",
"version": {
"version_data": [
{
"version_value": "before 9.11"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Compromise of Integrity, Allowed Communication with Untrusted Clients"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5585999-5586023-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md",
"refsource": "MISC",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2020-6921",
"datePublished": "2022-02-16T16:38:09",
"dateReserved": "2020-01-13T00:00:00",
"dateUpdated": "2024-08-04T09:18:01.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6922 (GCVE-0-2020-6922)
Vulnerability from nvd – Published: 2022-02-16 16:38 – Updated: 2024-08-04 09:18
VLAI?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
Severity ?
No CVSS data available.
CWE
- Compromise of Integrity, Allowed Communication with Untrusted Clients
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP Support Assistant |
Affected:
before 9.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:02.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 9.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Compromise of Integrity, Allowed Communication with Untrusted Clients",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-20T15:18:04",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2020-6922",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Support Assistant",
"version": {
"version_data": [
{
"version_value": "before 9.11"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Compromise of Integrity, Allowed Communication with Untrusted Clients"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5585999-5586023-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md",
"refsource": "MISC",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2020-6922",
"datePublished": "2022-02-16T16:38:01",
"dateReserved": "2020-01-13T00:00:00",
"dateUpdated": "2024-08-04T09:18:02.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6917 (GCVE-0-2020-6917)
Vulnerability from nvd – Published: 2022-02-16 16:38 – Updated: 2024-08-04 09:18
VLAI?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
Severity ?
No CVSS data available.
CWE
- Compromise of Integrity, Allowed Communication with Untrusted Clients
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP Support Assistant |
Affected:
before 9.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:01.628Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 9.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Compromise of Integrity, Allowed Communication with Untrusted Clients",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-20T15:18:43",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2020-6917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Support Assistant",
"version": {
"version_data": [
{
"version_value": "before 9.11"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Compromise of Integrity, Allowed Communication with Untrusted Clients"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5585999-5586023-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md",
"refsource": "MISC",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2020-6917",
"datePublished": "2022-02-16T16:38:00",
"dateReserved": "2020-01-13T00:00:00",
"dateUpdated": "2024-08-04T09:18:01.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6919 (GCVE-0-2020-6919)
Vulnerability from nvd – Published: 2022-02-16 16:37 – Updated: 2024-08-04 09:18
VLAI?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
Severity ?
No CVSS data available.
CWE
- Compromise of Integrity, Allowed Communication with Untrusted Clients
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP Support Assistant |
Affected:
before 9.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:01.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 9.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Compromise of Integrity, Allowed Communication with Untrusted Clients",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-20T15:18:35",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2020-6919",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Support Assistant",
"version": {
"version_data": [
{
"version_value": "before 9.11"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Compromise of Integrity, Allowed Communication with Untrusted Clients"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5585999-5586023-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md",
"refsource": "MISC",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2020-6919",
"datePublished": "2022-02-16T16:37:59",
"dateReserved": "2020-01-13T00:00:00",
"dateUpdated": "2024-08-04T09:18:01.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6918 (GCVE-0-2020-6918)
Vulnerability from nvd – Published: 2022-02-16 16:37 – Updated: 2024-08-04 09:18
VLAI?
Summary
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
Severity ?
No CVSS data available.
CWE
- Compromise of Integrity, Allowed Communication with Untrusted Clients
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP Support Assistant |
Affected:
before 9.11
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:01.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Support Assistant",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 9.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Compromise of Integrity, Allowed Communication with Untrusted Clients",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-20T15:18:39",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2020-6918",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Support Assistant",
"version": {
"version_data": [
{
"version_value": "before 9.11"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Compromise of Integrity, Allowed Communication with Untrusted Clients"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5585999-5586023-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5585999-5586023-16"
},
{
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md",
"refsource": "MISC",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0030/MNDT-2022-0030.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2020-6918",
"datePublished": "2022-02-16T16:37:58",
"dateReserved": "2020-01-13T00:00:00",
"dateUpdated": "2024-08-04T09:18:01.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}