Vulnerability Details CVE-2019-16285
If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.0%
CVSS Severity
CVSS v3 Score 4.6
CVSS v2 Score 2.1
References
- http://packetstormsecurity.com/files/156895/HP-ThinPro-6.x-7.x-Information-Disclosure.html
- http://seclists.org/fulldisclosure/2020/Mar/30
- https://support.hp.com/us-en/document/c06509350
- http://packetstormsecurity.com/files/156895/HP-ThinPro-6.x-7.x-Information-Disclosure.html
- http://seclists.org/fulldisclosure/2020/Mar/30
- https://support.hp.com/us-en/document/c06509350
Products affected by CVE-2019-16285
-
cpe:2.3:a:hp:thinpro_linux:6.2
-
cpe:2.3:a:hp:thinpro_linux:6.2.1
-
cpe:2.3:a:hp:thinpro_linux:7.0
-
cpe:2.3:a:hp:thinpro_linux:7.1