Vulnerability Details CVE-2019-16286
An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.3%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 4.6
References
- http://packetstormsecurity.com/files/156898/HP-ThinPro-6.x-7.x-Filter-Bypass.html
- http://seclists.org/fulldisclosure/2020/Mar/37
- https://support.hp.com/us-en/document/c06509350
- http://packetstormsecurity.com/files/156898/HP-ThinPro-6.x-7.x-Filter-Bypass.html
- http://seclists.org/fulldisclosure/2020/Mar/37
- https://support.hp.com/us-en/document/c06509350
Products affected by CVE-2019-16286
-
cpe:2.3:a:hp:thinpro_linux:6.2
-
cpe:2.3:a:hp:thinpro_linux:6.2.1
-
cpe:2.3:a:hp:thinpro_linux:7.0
-
cpe:2.3:a:hp:thinpro_linux:7.1