Search criteria
9 vulnerabilities found for thinpro_linux by hp
FKIE_CVE-2019-16285
Vulnerability from fkie_nvd - Published: 2019-11-22 22:15 - Updated: 2024-11-21 04:30
Severity ?
Summary
If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | thinpro_linux | 6.2 | |
| hp | thinpro_linux | 6.2.1 | |
| hp | thinpro_linux | 7.0 | |
| hp | thinpro_linux | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:thinpro_linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6059DA4F-17DB-4837-9017-3491FD089356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:thinpro_linux:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "185A85FB-69BF-470B-A701-876F2622213A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:thinpro_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "357F499E-ED43-4612-9D8A-DC9B7B32C7D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:thinpro_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24BB4C78-3C43-49C7-9C32-98894031C527",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive."
},
{
"lang": "es",
"value": "Si un usuario local se configur\u00f3 e inici\u00f3 sesi\u00f3n, un atacante no autenticado con acceso f\u00edsico puede extraer informaci\u00f3n confidencial en una unidad local."
}
],
"id": "CVE-2019-16285",
"lastModified": "2024-11-21T04:30:27.513",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-22T22:15:11.093",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "http://packetstormsecurity.com/files/156895/HP-ThinPro-6.x-7.x-Information-Disclosure.html"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://seclists.org/fulldisclosure/2020/Mar/30"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06509350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/156895/HP-ThinPro-6.x-7.x-Information-Disclosure.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2020/Mar/30"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06509350"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-16286
Vulnerability from fkie_nvd - Published: 2019-11-22 22:15 - Updated: 2024-11-21 04:30
Severity ?
Summary
An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | thinpro_linux | 6.2 | |
| hp | thinpro_linux | 6.2.1 | |
| hp | thinpro_linux | 7.0 | |
| hp | thinpro_linux | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:thinpro_linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6059DA4F-17DB-4837-9017-3491FD089356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:thinpro_linux:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "185A85FB-69BF-470B-A701-876F2622213A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:thinpro_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "357F499E-ED43-4612-9D8A-DC9B7B32C7D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:thinpro_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24BB4C78-3C43-49C7-9C32-98894031C527",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands."
},
{
"lang": "es",
"value": "Un atacante puede ser capaz de omitir el filtro de aplicaci\u00f3n del sistema operativo destinado a restringir las aplicaciones que pueden ser ejecutadas mediante el cambio de las preferencias del navegador para iniciar un proceso separado que a su vez puede ejecutar comandos arbitrarios."
}
],
"id": "CVE-2019-16286",
"lastModified": "2024-11-21T04:30:27.633",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-22T22:15:11.187",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "http://packetstormsecurity.com/files/156898/HP-ThinPro-6.x-7.x-Filter-Bypass.html"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://seclists.org/fulldisclosure/2020/Mar/37"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06509350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/156898/HP-ThinPro-6.x-7.x-Filter-Bypass.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2020/Mar/37"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06509350"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-2124
Vulnerability from fkie_nvd - Published: 2015-06-05 10:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | smart_zero_core | 4.3 | |
| hp | smart_zero_core | 4.4 | |
| hp | thinpro_linux | 4.1 | |
| hp | thinpro_linux | 4.2 | |
| hp | thinpro_linux | 4.3 | |
| hp | thinpro_linux | 4.4 | |
| hp | thinpro_linux | 5.0 | |
| hp | thinpro_linux | 5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:smart_zero_core:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6E184306-5EE7-4A9F-84D7-2BA2CD7BAD94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:smart_zero_core:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AA20AEE1-4797-4506-9296-6A3ED5D1E078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:thinpro_linux:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "74C0E569-348A-4E25-B757-B16563E4F892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:thinpro_linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E70CFFE1-B05D-4C27-9292-4639E894118D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:thinpro_linux:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98DA2377-4E1E-40F8-8334-AF80BE85C587",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:thinpro_linux:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E3FE971B-8B07-46B6-93A9-A5526F5E4DB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:thinpro_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A1F49CA-1AB8-4C31-9CD9-A06A1012F7F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:thinpro_linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F1122A6-26BD-4E5D-A179-81963909C89F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Easy Setup Wizard en HP ThinPro Linux 4.1 hasta 5.1 y Smart Zero Core 4.3 y 4.4 permite a usuarios locales evadir las restricciones de acceso y ganar privilegios a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2015-2124",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-05T10:59:03.270",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/bid/74897"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04692275"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04692275"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2019-16286 (GCVE-0-2019-16286)
Vulnerability from cvelistv5 – Published: 2019-11-22 21:49 – Updated: 2024-08-05 01:10
VLAI?
Summary
An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands.
Severity ?
No CVSS data available.
CWE
- Application filter bypass and arbitrary command execution.
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP | ThinPro Linux |
Affected:
6.2
Affected: 6.2.1 Affected: 7.0 Affected: 7.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:10:41.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/c06509350"
},
{
"name": "20200324 HP ThinPro - Application filter bypass",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/37"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156898/HP-ThinPro-6.x-7.x-Filter-Bypass.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ThinPro Linux",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Application filter bypass and arbitrary command execution.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-25T16:06:11",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hp.com/us-en/document/c06509350"
},
{
"name": "20200324 HP ThinPro - Application filter bypass",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/37"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/156898/HP-ThinPro-6.x-7.x-Filter-Bypass.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2019-16286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ThinPro Linux",
"version": {
"version_data": [
{
"version_value": "6.2"
},
{
"version_value": "6.2.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.1"
}
]
}
}
]
},
"vendor_name": "HP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Application filter bypass and arbitrary command execution."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/c06509350",
"refsource": "CONFIRM",
"url": "https://support.hp.com/us-en/document/c06509350"
},
{
"name": "20200324 HP ThinPro - Application filter bypass",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Mar/37"
},
{
"name": "http://packetstormsecurity.com/files/156898/HP-ThinPro-6.x-7.x-Filter-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156898/HP-ThinPro-6.x-7.x-Filter-Bypass.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2019-16286",
"datePublished": "2019-11-22T21:49:18",
"dateReserved": "2019-09-13T00:00:00",
"dateUpdated": "2024-08-05T01:10:41.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16285 (GCVE-0-2019-16285)
Vulnerability from cvelistv5 – Published: 2019-11-22 21:44 – Updated: 2024-08-05 01:10
VLAI?
Summary
If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive.
Severity ?
No CVSS data available.
CWE
- Information disclosure.
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP | ThinPro Linux |
Affected:
6.2
Affected: 6.2.1 Affected: 7.0 Affected: 7.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:10:41.721Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/c06509350"
},
{
"name": "20200324 HP ThinPro - Information disclosure",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/30"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156895/HP-ThinPro-6.x-7.x-Information-Disclosure.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ThinPro Linux",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-25T16:06:08",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hp.com/us-en/document/c06509350"
},
{
"name": "20200324 HP ThinPro - Information disclosure",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/30"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/156895/HP-ThinPro-6.x-7.x-Information-Disclosure.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2019-16285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ThinPro Linux",
"version": {
"version_data": [
{
"version_value": "6.2"
},
{
"version_value": "6.2.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.1"
}
]
}
}
]
},
"vendor_name": "HP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/c06509350",
"refsource": "CONFIRM",
"url": "https://support.hp.com/us-en/document/c06509350"
},
{
"name": "20200324 HP ThinPro - Information disclosure",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Mar/30"
},
{
"name": "http://packetstormsecurity.com/files/156895/HP-ThinPro-6.x-7.x-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156895/HP-ThinPro-6.x-7.x-Information-Disclosure.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2019-16285",
"datePublished": "2019-11-22T21:44:22",
"dateReserved": "2019-09-13T00:00:00",
"dateUpdated": "2024-08-05T01:10:41.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2124 (GCVE-0-2015-2124)
Vulnerability from cvelistv5 – Published: 2015-06-05 10:00 – Updated: 2024-08-06 05:02
VLAI?
Summary
Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT102045",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04692275"
},
{
"name": "HPSBHF03340",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04692275"
},
{
"name": "74897",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74897"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-01T16:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT102045",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04692275"
},
{
"name": "HPSBHF03340",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04692275"
},
{
"name": "74897",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74897"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2015-2124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT102045",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04692275"
},
{
"name": "HPSBHF03340",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04692275"
},
{
"name": "74897",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74897"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2015-2124",
"datePublished": "2015-06-05T10:00:00",
"dateReserved": "2015-02-27T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16286 (GCVE-0-2019-16286)
Vulnerability from nvd – Published: 2019-11-22 21:49 – Updated: 2024-08-05 01:10
VLAI?
Summary
An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands.
Severity ?
No CVSS data available.
CWE
- Application filter bypass and arbitrary command execution.
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP | ThinPro Linux |
Affected:
6.2
Affected: 6.2.1 Affected: 7.0 Affected: 7.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:10:41.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/c06509350"
},
{
"name": "20200324 HP ThinPro - Application filter bypass",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/37"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156898/HP-ThinPro-6.x-7.x-Filter-Bypass.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ThinPro Linux",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Application filter bypass and arbitrary command execution.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-25T16:06:11",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hp.com/us-en/document/c06509350"
},
{
"name": "20200324 HP ThinPro - Application filter bypass",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/37"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/156898/HP-ThinPro-6.x-7.x-Filter-Bypass.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2019-16286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ThinPro Linux",
"version": {
"version_data": [
{
"version_value": "6.2"
},
{
"version_value": "6.2.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.1"
}
]
}
}
]
},
"vendor_name": "HP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Application filter bypass and arbitrary command execution."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/c06509350",
"refsource": "CONFIRM",
"url": "https://support.hp.com/us-en/document/c06509350"
},
{
"name": "20200324 HP ThinPro - Application filter bypass",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Mar/37"
},
{
"name": "http://packetstormsecurity.com/files/156898/HP-ThinPro-6.x-7.x-Filter-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156898/HP-ThinPro-6.x-7.x-Filter-Bypass.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2019-16286",
"datePublished": "2019-11-22T21:49:18",
"dateReserved": "2019-09-13T00:00:00",
"dateUpdated": "2024-08-05T01:10:41.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16285 (GCVE-0-2019-16285)
Vulnerability from nvd – Published: 2019-11-22 21:44 – Updated: 2024-08-05 01:10
VLAI?
Summary
If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive.
Severity ?
No CVSS data available.
CWE
- Information disclosure.
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP | ThinPro Linux |
Affected:
6.2
Affected: 6.2.1 Affected: 7.0 Affected: 7.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:10:41.721Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/c06509350"
},
{
"name": "20200324 HP ThinPro - Information disclosure",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/30"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156895/HP-ThinPro-6.x-7.x-Information-Disclosure.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ThinPro Linux",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-25T16:06:08",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hp.com/us-en/document/c06509350"
},
{
"name": "20200324 HP ThinPro - Information disclosure",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/30"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/156895/HP-ThinPro-6.x-7.x-Information-Disclosure.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2019-16285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ThinPro Linux",
"version": {
"version_data": [
{
"version_value": "6.2"
},
{
"version_value": "6.2.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.1"
}
]
}
}
]
},
"vendor_name": "HP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/c06509350",
"refsource": "CONFIRM",
"url": "https://support.hp.com/us-en/document/c06509350"
},
{
"name": "20200324 HP ThinPro - Information disclosure",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Mar/30"
},
{
"name": "http://packetstormsecurity.com/files/156895/HP-ThinPro-6.x-7.x-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156895/HP-ThinPro-6.x-7.x-Information-Disclosure.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2019-16285",
"datePublished": "2019-11-22T21:44:22",
"dateReserved": "2019-09-13T00:00:00",
"dateUpdated": "2024-08-05T01:10:41.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2124 (GCVE-0-2015-2124)
Vulnerability from nvd – Published: 2015-06-05 10:00 – Updated: 2024-08-06 05:02
VLAI?
Summary
Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT102045",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04692275"
},
{
"name": "HPSBHF03340",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04692275"
},
{
"name": "74897",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74897"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-01T16:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT102045",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04692275"
},
{
"name": "HPSBHF03340",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04692275"
},
{
"name": "74897",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74897"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2015-2124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT102045",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04692275"
},
{
"name": "HPSBHF03340",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04692275"
},
{
"name": "74897",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74897"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2015-2124",
"datePublished": "2015-06-05T10:00:00",
"dateReserved": "2015-02-27T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}