What is the vulnerability identified in HP ThinUpdate utility (CVE-2023-4499)?

The vulnerability identified in HP ThinUpdate utility (CVE-2023-4499) is a potential security vulnerability that may lead to information disclosure.

What is the severity of CVE-2023-4499?

The severity of CVE-2023-4499 is high with a CVSS score of 7.5.

Which versions of HP ThinUpdate are affected by CVE-2023-4499?

HP ThinUpdate version up to and exclusive of 2.7.15 are affected by CVE-2023-4499.

Is HP ThinUpdate the only affected software by CVE-2023-4499?

Yes, HP ThinUpdate is the only affected software by CVE-2023-4499.

How can I mitigate the potential vulnerability in HP ThinUpdate (CVE-2023-4499)?

To mitigate the potential vulnerability in HP ThinUpdate (CVE-2023-4499), install the provided mitigation released by HP.

Vulnerability/
CVE-2023-4499

high

7.5

CWE

295

13/10/2023

17/9/2024

CVE-2023-4499

First published: Fri Oct 13 2023(Updated: )

A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability.

Credit: hp-security-alert@hp.com hp-security-alert@hp.com

Affected Software	Affected Version	How to fix
HP ThinUpdate	<2.7.15
Hp Elite Mt645
Hp Mt21
Hp Mt22
Hp Mt31
Hp Mt32
Hp Mt43
Hp Mt44
Hp Mt45
Hp Mt46
Hp Pro Mt440 G3
Hp T430
Hp T530
Hp T540
Hp T628
Hp T630
Hp T638
Hp T640
Hp T730
Hp T740

Remedy

https://support.hp.com/us-en/document/ish_9440593-9440618-16

Never miss a vulnerability like this again

Reference Links

https://support.hp.com/us-en/document/ish_9440593-9440618-16

Frequently Asked Questions

What is the vulnerability identified in HP ThinUpdate utility (CVE-2023-4499)?
The vulnerability identified in HP ThinUpdate utility (CVE-2023-4499) is a potential security vulnerability that may lead to information disclosure.
What is the severity of CVE-2023-4499?
The severity of CVE-2023-4499 is high with a CVSS score of 7.5.
Which versions of HP ThinUpdate are affected by CVE-2023-4499?
HP ThinUpdate version up to and exclusive of 2.7.15 are affected by CVE-2023-4499.
Is HP ThinUpdate the only affected software by CVE-2023-4499?
Yes, HP ThinUpdate is the only affected software by CVE-2023-4499.
How can I mitigate the potential vulnerability in HP ThinUpdate (CVE-2023-4499)?
To mitigate the potential vulnerability in HP ThinUpdate (CVE-2023-4499), install the provided mitigation released by HP.

collector/nvd-api
collector/nvd-index
agent/severity
agent/references
agent/weakness
agent/author
agent/description
agent/type
agent/event
agent/last-modified-date
agent/remedy
agent/first-publish-date
agent/softwarecombine
agent/tags
collector/mitre-cve
source/MITRE
vendor/hp
canonical/hp thinupdate
canonical/hp elite mt645
canonical/hp mt21
canonical/hp mt22
canonical/hp mt31
canonical/hp mt32
canonical/hp mt43
canonical/hp mt44
canonical/hp mt45
canonical/hp mt46
canonical/hp pro mt440 g3
canonical/hp t430
canonical/hp t530
canonical/hp t540
canonical/hp t628
canonical/hp t630
canonical/hp t638
canonical/hp t640
canonical/hp t730
canonical/hp t740

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.