Vulnerability Description
In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed commands with elevated privileges.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Thinpro | 6.2 |
References
- http://packetstormsecurity.com/files/156899/HP-ThinPro-6.x-7.x-Privilege-Escalat
- http://seclists.org/fulldisclosure/2020/Mar/38
- https://support.hp.com/us-en/document/c06509350Vendor Advisory
- http://packetstormsecurity.com/files/156899/HP-ThinPro-6.x-7.x-Privilege-Escalat
- http://seclists.org/fulldisclosure/2020/Mar/38
- https://support.hp.com/us-en/document/c06509350Vendor Advisory
FAQ
What is CVE-2019-16287?
CVE-2019-16287 is a vulnerability with a CVSS score of 6.8 (MEDIUM). In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose p...
How severe is CVE-2019-16287?
CVE-2019-16287 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-16287?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Thinpro.