Vulnerability Description
HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Z4 G4 Workstation Firmware | < 1.70 |
| Hp | Z4 G4 Workstation | - |
| Hp | Z4 G4 Core-X Workstation Firmware | < 1.70 |
| Hp | Z4 G4 Core-X Workstation | - |
| Hp | Z6 G4 Workstation Firmware | < 1.71 |
| Hp | Z6 G4 Workstation | - |
| Hp | Z8 G4 Workstation Firmware | < 1.71 |
| Hp | Z8 G4 Workstation | - |
Related Weaknesses (CWE)
References
- https://support.hp.com/us-en/document/c06318199PatchVendor Advisory
- https://support.hp.com/us-en/document/c06318199PatchVendor Advisory
FAQ
What is CVE-2019-6322?
CVE-2019-6322 is a vulnerability with a CVSS score of 6.8 (MEDIUM). HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates ...
How severe is CVE-2019-6322?
CVE-2019-6322 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-6322?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Z4 G4 Workstation Firmware, Hp Z4 G4 Workstation, Hp Z4 G4 Core-X Workstation Firmware, Hp Z4 G4 Core-X Workstation, Hp Z6 G4 Workstation Firmware.