All the vulnerabilites related to hp - z4_g4_core-x_workstation_firmware
cve-2019-6322
Vulnerability from cvelistv5
Published
2019-05-29 19:56
Modified
2024-08-04 20:16
Severity ?
EPSS score ?
Summary
HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hp.com/us-en/document/c06318199 | vendor-advisory, x_refsource_HP |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | n/a | HP Z4 G4 Workstation (Xeon W) |
Version: before 1.70 |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:16:24.814Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBHF03614",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/c06318199"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Z4 G4 Workstation (Xeon W)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.70"
}
]
},
{
"product": "HP Z4 G4 Workstation (Xeon W) (Linux)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.70"
}
]
},
{
"product": "HP Z4 G4 Core-X Workstation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.70"
}
]
},
{
"product": "HP Z4 G4 Core-X Workstation (Linux)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.70"
}
]
},
{
"product": "HP Z6 G4 Workstation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.71"
}
]
},
{
"product": "HP Z6 G4 Workstation (Linux)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.71"
}
]
},
{
"product": "HP Z8 G4 Workstation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.71"
}
]
},
{
"product": "HP Z8 G4 Workstation (Linux)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.71"
}
]
}
],
"datePublic": "2019-05-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-29T19:56:26",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBHF03614",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://support.hp.com/us-en/document/c06318199"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2019-6322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Z4 G4 Workstation (Xeon W)",
"version": {
"version_data": [
{
"version_value": "before 1.70"
}
]
}
},
{
"product_name": "HP Z4 G4 Workstation (Xeon W) (Linux)",
"version": {
"version_data": [
{
"version_value": "before 1.70"
}
]
}
},
{
"product_name": "HP Z4 G4 Core-X Workstation",
"version": {
"version_data": [
{
"version_value": "before 1.70"
}
]
}
},
{
"product_name": "HP Z4 G4 Core-X Workstation (Linux)",
"version": {
"version_data": [
{
"version_value": "before 1.70"
}
]
}
},
{
"product_name": "HP Z6 G4 Workstation",
"version": {
"version_data": [
{
"version_value": "before 1.71"
}
]
}
},
{
"product_name": "HP Z6 G4 Workstation (Linux)",
"version": {
"version_data": [
{
"version_value": "before 1.71"
}
]
}
},
{
"product_name": "HP Z8 G4 Workstation",
"version": {
"version_data": [
{
"version_value": "before 1.71"
}
]
}
},
{
"product_name": "HP Z8 G4 Workstation (Linux)",
"version": {
"version_data": [
{
"version_value": "before 1.71"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF03614",
"refsource": "HP",
"url": "https://support.hp.com/us-en/document/c06318199"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2019-6322",
"datePublished": "2019-05-29T19:56:26",
"dateReserved": "2019-01-15T00:00:00",
"dateUpdated": "2024-08-04T20:16:24.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-6321
Vulnerability from cvelistv5
Published
2019-05-29 19:55
Modified
2024-08-04 20:16
Severity ?
EPSS score ?
Summary
HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.hp.com/us-en/document/c06318199 | vendor-advisory, x_refsource_HP |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | n/a | HP Z4 G4 Workstation (Xeon W) |
Version: before 1.70 |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:16:24.882Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBHF03614",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/c06318199"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP Z4 G4 Workstation (Xeon W)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.70"
}
]
},
{
"product": "HP Z4 G4 Workstation (Xeon W) (Linux)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.70"
}
]
},
{
"product": "HP Z4 G4 Core-X Workstation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.70"
}
]
},
{
"product": "HP Z4 G4 Core-X Workstation (Linux)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.70"
}
]
},
{
"product": "HP Z6 G4 Workstation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.71"
}
]
},
{
"product": "HP Z6 G4 Workstation (Linux)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.71"
}
]
},
{
"product": "HP Z8 G4 Workstation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.71"
}
]
},
{
"product": "HP Z8 G4 Workstation (Linux)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 1.71"
}
]
}
],
"datePublic": "2019-05-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-29T19:55:14",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBHF03614",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://support.hp.com/us-en/document/c06318199"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2019-6321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP Z4 G4 Workstation (Xeon W)",
"version": {
"version_data": [
{
"version_value": "before 1.70"
}
]
}
},
{
"product_name": "HP Z4 G4 Workstation (Xeon W) (Linux)",
"version": {
"version_data": [
{
"version_value": "before 1.70"
}
]
}
},
{
"product_name": "HP Z4 G4 Core-X Workstation",
"version": {
"version_data": [
{
"version_value": "before 1.70"
}
]
}
},
{
"product_name": "HP Z4 G4 Core-X Workstation (Linux)",
"version": {
"version_data": [
{
"version_value": "before 1.70"
}
]
}
},
{
"product_name": "HP Z6 G4 Workstation",
"version": {
"version_data": [
{
"version_value": "before 1.71"
}
]
}
},
{
"product_name": "HP Z6 G4 Workstation (Linux)",
"version": {
"version_data": [
{
"version_value": "before 1.71"
}
]
}
},
{
"product_name": "HP Z8 G4 Workstation",
"version": {
"version_data": [
{
"version_value": "before 1.71"
}
]
}
},
{
"product_name": "HP Z8 G4 Workstation (Linux)",
"version": {
"version_data": [
{
"version_value": "before 1.71"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF03614",
"refsource": "HP",
"url": "https://support.hp.com/us-en/document/c06318199"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2019-6321",
"datePublished": "2019-05-29T19:55:14",
"dateReserved": "2019-01-15T00:00:00",
"dateUpdated": "2024-08-04T20:16:24.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2019-05-29 20:29
Modified
2024-11-21 04:46
Severity ?
Summary
HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| hp-security-alert@hp.com | https://support.hp.com/us-en/document/c06318199 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hp.com/us-en/document/c06318199 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z4_g4_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D705A2F2-BDF8-4ACB-B682-E9EB26D5558F",
"versionEndExcluding": "1.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z4_g4_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7A880C4-65EC-4D4C-9F31-68AFD4BE79C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z4_g4_core-x_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61D5EEEF-309C-4A67-9395-4D96B0D96859",
"versionEndExcluding": "1.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z4_g4_core-x_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A49133ED-9C3F-400D-972E-23FAB43B7B25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z6_g4_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71022F3C-5A46-467C-88EF-3B24B97F5516",
"versionEndExcluding": "1.71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z6_g4_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD26B60-086E-4C83-B3EB-CA4981AAAF7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z8_g4_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26F06BE0-00B1-4216-B4ED-42837F3F1AD2",
"versionEndExcluding": "1.71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z8_g4_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "068354B9-5842-4014-A466-011FA1AA62B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z4_g4_workstation_firmware:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "66FA358A-3EE5-4440-BB90-034051564C5B",
"versionEndExcluding": "1.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z4_g4_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7A880C4-65EC-4D4C-9F31-68AFD4BE79C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z4_g4_core-x_workstation_firmware:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "A5C7B2C1-5F0B-4AB5-B6DE-673B5ED5ED52",
"versionEndExcluding": "1.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z4_g4_core-x_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A49133ED-9C3F-400D-972E-23FAB43B7B25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z6_g4_workstation_firmware:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "C80EFB03-1270-49B1-AD2D-0F217AD2CD0E",
"versionEndExcluding": "1.71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z6_g4_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD26B60-086E-4C83-B3EB-CA4981AAAF7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z8_g4_workstation_firmware:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "421AD855-EE9B-4BA8-92B7-2A1AAD2E041F",
"versionEndExcluding": "1.71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z8_g4_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "068354B9-5842-4014-A466-011FA1AA62B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default."
},
{
"lang": "es",
"value": "HP ha econtado una vulnerabilidad de seguridad con algunas versiones de Workstation BIOS (UEFI Firmware), donde el tiempo de ejecuci\u00f3n del c\u00f3digo BIOS podr\u00eda ser manipulado si el TPM est\u00e1 deshabilitado. Esta vulnerabilidad esta relacionada con Workstations cuyo TPM est\u00e1 habilitado por defecto."
}
],
"id": "CVE-2019-6322",
"lastModified": "2024-11-21T04:46:24.457",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-29T20:29:00.377",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06318199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06318199"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-667"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-29 20:29
Modified
2024-11-21 04:46
Severity ?
Summary
HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| hp-security-alert@hp.com | https://support.hp.com/us-en/document/c06318199 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hp.com/us-en/document/c06318199 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z4_g4_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D705A2F2-BDF8-4ACB-B682-E9EB26D5558F",
"versionEndExcluding": "1.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z4_g4_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7A880C4-65EC-4D4C-9F31-68AFD4BE79C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z4_g4_core-x_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61D5EEEF-309C-4A67-9395-4D96B0D96859",
"versionEndExcluding": "1.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z4_g4_core-x_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A49133ED-9C3F-400D-972E-23FAB43B7B25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z6_g4_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71022F3C-5A46-467C-88EF-3B24B97F5516",
"versionEndExcluding": "1.71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z6_g4_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD26B60-086E-4C83-B3EB-CA4981AAAF7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z8_g4_workstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26F06BE0-00B1-4216-B4ED-42837F3F1AD2",
"versionEndExcluding": "1.71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z8_g4_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "068354B9-5842-4014-A466-011FA1AA62B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z4_g4_workstation_firmware:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "66FA358A-3EE5-4440-BB90-034051564C5B",
"versionEndExcluding": "1.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z4_g4_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7A880C4-65EC-4D4C-9F31-68AFD4BE79C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z4_g4_core-x_workstation_firmware:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "A5C7B2C1-5F0B-4AB5-B6DE-673B5ED5ED52",
"versionEndExcluding": "1.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z4_g4_core-x_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A49133ED-9C3F-400D-972E-23FAB43B7B25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z6_g4_workstation_firmware:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "C80EFB03-1270-49B1-AD2D-0F217AD2CD0E",
"versionEndExcluding": "1.71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z6_g4_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD26B60-086E-4C83-B3EB-CA4981AAAF7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:z8_g4_workstation_firmware:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "421AD855-EE9B-4BA8-92B7-2A1AAD2E041F",
"versionEndExcluding": "1.71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:z8_g4_workstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "068354B9-5842-4014-A466-011FA1AA62B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default."
},
{
"lang": "es",
"value": "HP ha encontrado una vulnerabilidad de seguridad con algunas versiones de Workstation BIOS (UEFI Firmware), donde el tiempo de ejecuci\u00f3n del c\u00f3digo BIOS podr\u00eda ser manipulado si el TPM est\u00e1 deshabilitado. Esta vulnerabilidad esta relacionada con Workstatiosn cuyo TPM est\u00e1 deshabilitado por defecto."
}
],
"id": "CVE-2019-6321",
"lastModified": "2024-11-21T04:46:24.333",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-29T20:29:00.330",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06318199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06318199"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-667"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}