Vulnerabilities > CVE-2019-16287 - Unspecified vulnerability in HP Thinpro

CVSS 6.8 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

NVD

Published: 2019-11-22

Updated: 2020-08-24

Summary

In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed commands with elevated privileges.

Vulnerable Configurations

Part	Description	Count
OS	Hp HP Thinpro 6.2 HP Thinpro 6.2.1 HP Thinpro 7.0 HP Thinpro 7.1	4

Packetstorm

data source	https://packetstormsecurity.com/files/download/156899/hpthinpro-escalate.txt
id	PACKETSTORM:156899
last seen	2020-03-26
published	2020-03-25
reporter	Eldar Marcussen
source	https://packetstormsecurity.com/files/156899/HP-ThinPro-6.x-7.x-Privilege-Escalation.html
title	HP ThinPro 6.x / 7.x Privilege Escalation

Summary

Vulnerable Configurations

Packetstorm

References