Vulnerability-Lookup

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

Full-Text Search

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

CVE-2023-4499 (GCVE-0-2023-4499)

Vulnerability from cvelistv5 – Published: 2023-10-13 16:24 – Updated: 2024-09-17 20:08

Summary

A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability.

Severity

No CVSS data available.

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

Assigner

hp

References

1 reference

URL	Tags
https://support.hp.com/us-en/document/ish_9440593…

Impacted products

2 products

Vendor	Product	Version
HP Inc.	HP ThinUpdate	Affected: See HP Security Bulletin reference for affected versions.
hp	thinupdate	Affected: 0 , < * (custom) cpe:2.3:a:hp:thinupdate:-:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:31:06.278Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.hp.com/us-en/document/ish_9440593-9440618-16"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:hp:thinupdate:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "thinupdate",
            "vendor": "hp",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-4499",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-17T20:07:12.634730Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-17T20:08:58.168Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "HP ThinUpdate",
          "vendor": "HP Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "See HP Security Bulletin reference for affected versions."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-13T16:24:29.582Z",
        "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "shortName": "hp"
      },
      "references": [
        {
          "url": "https://support.hp.com/us-en/document/ish_9440593-9440618-16"
        }
      ],
      "x_generator": {
        "engine": "cveClient/1.0.15"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
    "assignerShortName": "hp",
    "cveId": "CVE-2023-4499",
    "datePublished": "2023-10-13T16:24:29.582Z",
    "dateReserved": "2023-08-23T16:17:59.466Z",
    "dateUpdated": "2024-09-17T20:08:58.168Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-4499 (GCVE-0-2023-4499)

Vulnerability from nvd – Published: 2023-10-13 16:24 – Updated: 2024-09-17 20:08

Summary

A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability.

Severity

No CVSS data available.

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

Assigner

hp

References

1 reference

URL	Tags
https://support.hp.com/us-en/document/ish_9440593…

Impacted products

2 products

Vendor	Product	Version
HP Inc.	HP ThinUpdate	Affected: See HP Security Bulletin reference for affected versions.
hp	thinupdate	Affected: 0 , < * (custom) cpe:2.3:a:hp:thinupdate:-:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:31:06.278Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.hp.com/us-en/document/ish_9440593-9440618-16"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:hp:thinupdate:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "thinupdate",
            "vendor": "hp",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-4499",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-17T20:07:12.634730Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-17T20:08:58.168Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "HP ThinUpdate",
          "vendor": "HP Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "See HP Security Bulletin reference for affected versions."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-13T16:24:29.582Z",
        "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "shortName": "hp"
      },
      "references": [
        {
          "url": "https://support.hp.com/us-en/document/ish_9440593-9440618-16"
        }
      ],
      "x_generator": {
        "engine": "cveClient/1.0.15"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
    "assignerShortName": "hp",
    "cveId": "CVE-2023-4499",
    "datePublished": "2023-10-13T16:24:29.582Z",
    "dateReserved": "2023-08-23T16:17:59.466Z",
    "dateUpdated": "2024-09-17T20:08:58.168Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Find a vulnerability

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

2 vulnerabilities found for thinupdate by hp

CVE-2023-4499 (GCVE-0-2023-4499)

CVE-2023-4499 (GCVE-0-2023-4499)

Find a vulnerability

Search criteria ⓘ Use this form to refine search results. Full-text search supports keyword queries with ranking and filtering. You can combine vendor, product, and sources to narrow results. Enable “Apply ordering” to sort by date instead of relevance.

2 vulnerabilities found for thinupdate by hp

CVE-2023-4499 (GCVE-0-2023-4499)

CVE-2023-4499 (GCVE-0-2023-4499)

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.