CVE-2022-23455

Published: Feb 1, 2023Modified: Mar 27, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.

Affected (1)

Products: Hp: Support Assistant

1 product

Support Assistant

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Hp Support Assistant	Before 9.11

Related CWEs

CWE-269

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (2)

https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762

Source: hp-security-alert@hp.com

Vendor Advisory

https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.