Vulnerabilities > CVE-2019-16287 - Unspecified vulnerability in HP Thinpro
Attack vector
PHYSICAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH low complexity
hp
Summary
In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed commands with elevated privileges.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 4 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/156899/hpthinpro-escalate.txt |
id | PACKETSTORM:156899 |
last seen | 2020-03-26 |
published | 2020-03-25 |
reporter | Eldar Marcussen |
source | https://packetstormsecurity.com/files/156899/HP-ThinPro-6.x-7.x-Privilege-Escalation.html |
title | HP ThinPro 6.x / 7.x Privilege Escalation |
References
- http://packetstormsecurity.com/files/156899/HP-ThinPro-6.x-7.x-Privilege-Escalation.html
- http://packetstormsecurity.com/files/156899/HP-ThinPro-6.x-7.x-Privilege-Escalation.html
- http://seclists.org/fulldisclosure/2020/Mar/38
- http://seclists.org/fulldisclosure/2020/Mar/38
- https://support.hp.com/us-en/document/c06509350
- https://support.hp.com/us-en/document/c06509350