CVE-2019-16287
First published: Fri Nov 22 2019(Updated: )
In HP ThinPro Linux 6.2, 6.2.1, 7.0 and 7.1, an attacker may be able to leverage the application filter bypass vulnerability to gain privileged access to create a file on the local file system whose presence puts the device in Administrative Mode, which will allow the attacker to executed commands with elevated privileges.
Credit: hp-security-alert@hp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HP ThinPro | =6.2 | |
| HP ThinPro | =6.2.1 | |
| HP ThinPro | =7.0 | |
| HP ThinPro | =7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-16287?
CVE-2019-16287 is a vulnerability in HP ThinPro Linux 6.2, 6.2.1, 7.0, and 7.1 that allows an attacker to leverage the application filter bypass vulnerability to gain privileged access.
How can an attacker exploit CVE-2019-16287?
An attacker can exploit CVE-2019-16287 by leveraging the application filter bypass vulnerability to create a file on the local file system, which puts the device in Administrative Mode, allowing the attacker to execute commands with privileged access.
What is the severity of CVE-2019-16287?
CVE-2019-16287 has a severity rating of high (6.8).
Which versions of HP ThinPro Linux are affected by CVE-2019-16287?
CVE-2019-16287 affects HP ThinPro Linux versions 6.2, 6.2.1, 7.0, and 7.1.
How can I fix CVE-2019-16287?
To fix CVE-2019-16287, it is recommended to apply the necessary patches or updates provided by HP ThinPro.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/tags
- agent/softwarecombine
- agent/description
- agent/first-publish-date
- agent/references
- agent/event
- vendor/hp
- canonical/hp thinpro
- version/hp thinpro/6.2
- version/hp thinpro/6.2.1
- version/hp thinpro/7.0
- version/hp thinpro/7.1