CVE-2023-4499
First published: Fri Oct 13 2023(Updated: )
A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability.
Credit: hp-security-alert@hp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HP ThinUpdate | <2.7.15 | |
| HP Elite MT645 | ||
| HP Mt21 Thin Client | ||
| HP mt22 firmware | ||
| HP Mt31 Thin Client | ||
| HP mt32 firmware | ||
| HP mt43 firmware | ||
| hp mt44 firmware | ||
| HP MT45 Mobile Thin Client | ||
| HP mt46 firmware | ||
| HP Pro MT440 G3 Mobile Thin Client | ||
| HP t430 Thin Client | ||
| HP t530 | ||
| HP t540 | ||
| HP t628 | ||
| HP t630 | ||
| HP t638 Thin Client Firmware | ||
| HP t640 | ||
| HP t730 | ||
| HP t740 | ||
| All of | ||
| HP ThinUpdate | <2.7.15 | |
| Any of | ||
| HP Elite MT645 | ||
| HP Mt21 Thin Client | ||
| HP mt22 firmware | ||
| HP Mt31 Thin Client | ||
| HP mt32 firmware | ||
| HP mt43 firmware | ||
| hp mt44 firmware | ||
| HP MT45 Mobile Thin Client | ||
| HP mt46 firmware | ||
| HP Pro MT440 G3 Mobile Thin Client | ||
| HP t430 Thin Client | ||
| HP t530 | ||
| HP t540 | ||
| HP t628 | ||
| HP t630 | ||
| HP t638 Thin Client Firmware | ||
| HP t640 | ||
| HP t730 | ||
| HP t740 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability identified in HP ThinUpdate utility (CVE-2023-4499)?
The vulnerability identified in HP ThinUpdate utility (CVE-2023-4499) is a potential security vulnerability that may lead to information disclosure.
What is the severity of CVE-2023-4499?
The severity of CVE-2023-4499 is high with a CVSS score of 7.5.
Which versions of HP ThinUpdate are affected by CVE-2023-4499?
HP ThinUpdate version up to and exclusive of 2.7.15 are affected by CVE-2023-4499.
Is HP ThinUpdate the only affected software by CVE-2023-4499?
Yes, HP ThinUpdate is the only affected software by CVE-2023-4499.
How can I mitigate the potential vulnerability in HP ThinUpdate (CVE-2023-4499)?
To mitigate the potential vulnerability in HP ThinUpdate (CVE-2023-4499), install the provided mitigation released by HP.
- agent/type
- agent/references
- agent/severity
- agent/remedy
- agent/weakness
- agent/description
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- agent/author
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/hp
- canonical/hp thinupdate
- canonical/hp elite mt645
- canonical/hp mt21 thin client
- canonical/hp mt22 firmware
- canonical/hp mt31 thin client
- canonical/hp mt32 firmware
- canonical/hp mt43 firmware
- canonical/hp mt44 firmware
- canonical/hp mt45 mobile thin client
- canonical/hp mt46 firmware
- canonical/hp pro mt440 g3 mobile thin client
- canonical/hp t430 thin client
- canonical/hp t530
- canonical/hp t540
- canonical/hp t628
- canonical/hp t630
- canonical/hp t638 thin client firmware
- canonical/hp t640
- canonical/hp t730
- canonical/hp t740