CVE-2023-4499

Published: Oct 13, 2023Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability.

Affected (1)

Products: Hp: Thinupdate

1 product

Thinupdate

Configuration A

1 vulnerable · 19 platform

Vulnerable Software	Affected Versions
Hp Thinupdate	Before 2.7.15

Running on/with	Platform Versions
Hp Elite Mt645	All versions
Hp Mt21	All versions
Hp Mt22	All versions
Hp Mt31	All versions
Hp Mt32	All versions
Hp Mt43	All versions
Hp Mt44	All versions
Hp Mt45	All versions
Hp Mt46	All versions
Hp Pro Mt440 G3	All versions
Hp T430	All versions
Hp T530	All versions
Hp T540	All versions
Hp T628	All versions
Hp T630	All versions
Hp T638	All versions
Hp T640	All versions
Hp T730	All versions
Hp T740	All versions

Related CWEs

CWE-295

Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.

References (2)

https://support.hp.com/us-en/document/ish_9440593-9440618-16

Source: hp-security-alert@hp.com

PatchVendor Advisory

https://support.hp.com/us-en/document/ish_9440593-9440618-16

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.