{"containers": {"cna": {"affected": [{"product": "HP Z4 G4 Workstation (Xeon W)", "vendor": "n/a", "versions": [{"status": "affected", "version": "before 1.70"}]}, {"product": "HP Z4 G4 Workstation (Xeon W) (Linux)", "vendor": "n/a", "versions": [{"status": "affected", "version": "before 1.70"}]}, {"product": "HP Z4 G4 Core-X Workstation", "vendor": "n/a", "versions": [{"status": "affected", "version": "before 1.70"}]}, {"product": "HP Z4 G4 Core-X Workstation (Linux)", "vendor": "n/a", "versions": [{"status": "affected", "version": "before 1.70"}]}, {"product": "HP Z6 G4 Workstation", "vendor": "n/a", "versions": [{"status": "affected", "version": "before 1.71"}]}, {"product": "HP Z6 G4 Workstation (Linux)", "vendor": "n/a", "versions": [{"status": "affected", "version": "before 1.71"}]}, {"product": "HP Z8 G4 Workstation", "vendor": "n/a", "versions": [{"status": "affected", "version": "before 1.71"}]}, {"product": "HP Z8 G4 Workstation (Linux)", "vendor": "n/a", "versions": [{"status": "affected", "version": "before 1.71"}]}], "datePublic": "2019-05-03T00:00:00", "descriptions": [{"lang": "en", "value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default."}], "problemTypes": [{"descriptions": [{"description": "Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-05-29T19:56:26", "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp"}, "references": [{"name": "HPSBHF03614", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "https://support.hp.com/us-en/document/c06318199"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "hp-security-alert@hp.com", "ID": "CVE-2019-6322", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "HP Z4 G4 Workstation (Xeon W)", "version": {"version_data": [{"version_value": "before 1.70"}]}}, {"product_name": "HP Z4 G4 Workstation (Xeon W) (Linux)", "version": {"version_data": [{"version_value": "before 1.70"}]}}, {"product_name": "HP Z4 G4 Core-X Workstation", "version": {"version_data": [{"version_value": "before 1.70"}]}}, {"product_name": "HP Z4 G4 Core-X Workstation (Linux)", "version": {"version_data": [{"version_value": "before 1.70"}]}}, {"product_name": "HP Z6 G4 Workstation", "version": {"version_data": [{"version_value": "before 1.71"}]}}, {"product_name": "HP Z6 G4 Workstation (Linux)", "version": {"version_data": [{"version_value": "before 1.71"}]}}, {"product_name": "HP Z8 G4 Workstation", "version": {"version_data": [{"version_value": "before 1.71"}]}}, {"product_name": "HP Z8 G4 Workstation (Linux)", "version": {"version_data": [{"version_value": "before 1.71"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity"}]}]}, "references": {"reference_data": [{"name": "HPSBHF03614", "refsource": "HP", "url": "https://support.hp.com/us-en/document/c06318199"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T20:16:24.814Z"}, "title": "CVE Program Container", "references": [{"name": "HPSBHF03614", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "https://support.hp.com/us-en/document/c06318199"}]}]}, "cveMetadata": {"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "assignerShortName": "hp", "cveId": "CVE-2019-6322", "datePublished": "2019-05-29T19:56:26", "dateReserved": "2019-01-15T00:00:00", "dateUpdated": "2024-08-04T20:16:24.814Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:z4_g4_workstation_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D705A2F2-BDF8-4ACB-B682-E9EB26D5558F", "versionEndExcluding": "1.70", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:z4_g4_workstation:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7A880C4-65EC-4D4C-9F31-68AFD4BE79C8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:z4_g4_core-x_workstation_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "61D5EEEF-309C-4A67-9395-4D96B0D96859", "versionEndExcluding": "1.70", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:z4_g4_core-x_workstation:-:*:*:*:*:*:*:*", "matchCriteriaId": "A49133ED-9C3F-400D-972E-23FAB43B7B25", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:z6_g4_workstation_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "71022F3C-5A46-467C-88EF-3B24B97F5516", "versionEndExcluding": "1.71", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:z6_g4_workstation:-:*:*:*:*:*:*:*", "matchCriteriaId": "6DD26B60-086E-4C83-B3EB-CA4981AAAF7C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:z8_g4_workstation_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "26F06BE0-00B1-4216-B4ED-42837F3F1AD2", "versionEndExcluding": "1.71", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:z8_g4_workstation:-:*:*:*:*:*:*:*", "matchCriteriaId": "068354B9-5842-4014-A466-011FA1AA62B5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:z4_g4_workstation_firmware:*:*:*:*:*:linux:*:*", "matchCriteriaId": "66FA358A-3EE5-4440-BB90-034051564C5B", "versionEndExcluding": "1.70", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:z4_g4_workstation:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7A880C4-65EC-4D4C-9F31-68AFD4BE79C8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:z4_g4_core-x_workstation_firmware:*:*:*:*:*:linux:*:*", "matchCriteriaId": "A5C7B2C1-5F0B-4AB5-B6DE-673B5ED5ED52", "versionEndExcluding": "1.70", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:z4_g4_core-x_workstation:-:*:*:*:*:*:*:*", "matchCriteriaId": "A49133ED-9C3F-400D-972E-23FAB43B7B25", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:z6_g4_workstation_firmware:*:*:*:*:*:linux:*:*", "matchCriteriaId": "C80EFB03-1270-49B1-AD2D-0F217AD2CD0E", "versionEndExcluding": "1.71", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:z6_g4_workstation:-:*:*:*:*:*:*:*", "matchCriteriaId": "6DD26B60-086E-4C83-B3EB-CA4981AAAF7C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:z8_g4_workstation_firmware:*:*:*:*:*:linux:*:*", "matchCriteriaId": "421AD855-EE9B-4BA8-92B7-2A1AAD2E041F", "versionEndExcluding": "1.71", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hp:z8_g4_workstation:-:*:*:*:*:*:*:*", "matchCriteriaId": "068354B9-5842-4014-A466-011FA1AA62B5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default."}, {"lang": "es", "value": "HP ha econtado una vulnerabilidad de seguridad con algunas versiones de Workstation BIOS (UEFI Firmware), donde el tiempo de ejecuci\u00f3n del c\u00f3digo BIOS podr\u00eda ser manipulado si el TPM est\u00e1 deshabilitado. Esta vulnerabilidad esta relacionada con Workstations cuyo TPM est\u00e1 habilitado por defecto."}], "id": "CVE-2019-6322", "lastModified": "2024-11-21T04:46:24.457", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-05-29T20:29:00.377", "references": [{"source": "hp-security-alert@hp.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://support.hp.com/us-en/document/c06318199"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://support.hp.com/us-en/document/c06318199"}], "sourceIdentifier": "hp-security-alert@hp.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}