Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for z4_g4_core-x_workstation_firmware by hp

    CVE-2019-6322 (GCVE-0-2019-6322)

    Vulnerability from nvd – Published: 2019-05-29 19:56 – Updated: 2024-08-04 20:16
    VLAI
    Summary
    HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default.
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity
    Assigner
    hp
    References
    URL Tags
    https://support.hp.com/us-en/document/c06318199 vendor-advisoryx_refsource_HP
    Impacted products
    Vendor Product Version
    n/a HP Z4 G4 Workstation (Xeon W) Affected: before 1.70
    n/a HP Z4 G4 Workstation (Xeon W) (Linux) Affected: before 1.70
    n/a HP Z4 G4 Core-X Workstation Affected: before 1.70
    n/a HP Z4 G4 Core-X Workstation (Linux) Affected: before 1.70
    n/a HP Z6 G4 Workstation Affected: before 1.71
    n/a HP Z6 G4 Workstation (Linux) Affected: before 1.71
    n/a HP Z8 G4 Workstation Affected: before 1.71
    n/a HP Z8 G4 Workstation (Linux) Affected: before 1.71
    Date Public
    2019-05-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:16:24.814Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "HPSBHF03614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://support.hp.com/us-en/document/c06318199"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HP Z4 G4 Workstation (Xeon W)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z4 G4 Workstation (Xeon W) (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z4 G4 Core-X Workstation",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z4 G4 Core-X Workstation (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z6 G4 Workstation",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            },
            {
              "product": "HP Z6 G4 Workstation (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            },
            {
              "product": "HP Z8 G4 Workstation",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            },
            {
              "product": "HP Z8 G4 Workstation (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            }
          ],
          "datePublic": "2019-05-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-29T19:56:26.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "HPSBHF03614",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://support.hp.com/us-en/document/c06318199"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2019-6322",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "HP Z4 G4 Workstation (Xeon W)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z4 G4 Workstation (Xeon W) (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z4 G4 Core-X Workstation",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z4 G4 Core-X Workstation (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z6 G4 Workstation",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z6 G4 Workstation (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z8 G4 Workstation",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z8 G4 Workstation (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "HPSBHF03614",
                  "refsource": "HP",
                  "url": "https://support.hp.com/us-en/document/c06318199"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2019-6322",
        "datePublished": "2019-05-29T19:56:26.000Z",
        "dateReserved": "2019-01-15T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:16:24.814Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-6321 (GCVE-0-2019-6321)

    Vulnerability from nvd – Published: 2019-05-29 19:55 – Updated: 2024-08-04 20:16
    VLAI
    Summary
    HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default.
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity
    Assigner
    hp
    References
    URL Tags
    https://support.hp.com/us-en/document/c06318199 vendor-advisoryx_refsource_HP
    Impacted products
    Vendor Product Version
    n/a HP Z4 G4 Workstation (Xeon W) Affected: before 1.70
    n/a HP Z4 G4 Workstation (Xeon W) (Linux) Affected: before 1.70
    n/a HP Z4 G4 Core-X Workstation Affected: before 1.70
    n/a HP Z4 G4 Core-X Workstation (Linux) Affected: before 1.70
    n/a HP Z6 G4 Workstation Affected: before 1.71
    n/a HP Z6 G4 Workstation (Linux) Affected: before 1.71
    n/a HP Z8 G4 Workstation Affected: before 1.71
    n/a HP Z8 G4 Workstation (Linux) Affected: before 1.71
    Date Public
    2019-05-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:16:24.882Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "HPSBHF03614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://support.hp.com/us-en/document/c06318199"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HP Z4 G4 Workstation (Xeon W)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z4 G4 Workstation (Xeon W) (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z4 G4 Core-X Workstation",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z4 G4 Core-X Workstation (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z6 G4 Workstation",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            },
            {
              "product": "HP Z6 G4 Workstation (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            },
            {
              "product": "HP Z8 G4 Workstation",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            },
            {
              "product": "HP Z8 G4 Workstation (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            }
          ],
          "datePublic": "2019-05-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-29T19:55:14.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "HPSBHF03614",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://support.hp.com/us-en/document/c06318199"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2019-6321",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "HP Z4 G4 Workstation (Xeon W)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z4 G4 Workstation (Xeon W) (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z4 G4 Core-X Workstation",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z4 G4 Core-X Workstation (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z6 G4 Workstation",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z6 G4 Workstation (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z8 G4 Workstation",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z8 G4 Workstation (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "HPSBHF03614",
                  "refsource": "HP",
                  "url": "https://support.hp.com/us-en/document/c06318199"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2019-6321",
        "datePublished": "2019-05-29T19:55:14.000Z",
        "dateReserved": "2019-01-15T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:16:24.882Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-6322 (GCVE-0-2019-6322)

    Vulnerability from cvelistv5 – Published: 2019-05-29 19:56 – Updated: 2024-08-04 20:16
    VLAI
    Summary
    HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default.
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity
    Assigner
    hp
    References
    URL Tags
    https://support.hp.com/us-en/document/c06318199 vendor-advisoryx_refsource_HP
    Impacted products
    Vendor Product Version
    n/a HP Z4 G4 Workstation (Xeon W) Affected: before 1.70
    n/a HP Z4 G4 Workstation (Xeon W) (Linux) Affected: before 1.70
    n/a HP Z4 G4 Core-X Workstation Affected: before 1.70
    n/a HP Z4 G4 Core-X Workstation (Linux) Affected: before 1.70
    n/a HP Z6 G4 Workstation Affected: before 1.71
    n/a HP Z6 G4 Workstation (Linux) Affected: before 1.71
    n/a HP Z8 G4 Workstation Affected: before 1.71
    n/a HP Z8 G4 Workstation (Linux) Affected: before 1.71
    Date Public
    2019-05-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:16:24.814Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "HPSBHF03614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://support.hp.com/us-en/document/c06318199"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HP Z4 G4 Workstation (Xeon W)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z4 G4 Workstation (Xeon W) (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z4 G4 Core-X Workstation",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z4 G4 Core-X Workstation (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z6 G4 Workstation",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            },
            {
              "product": "HP Z6 G4 Workstation (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            },
            {
              "product": "HP Z8 G4 Workstation",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            },
            {
              "product": "HP Z8 G4 Workstation (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            }
          ],
          "datePublic": "2019-05-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-29T19:56:26.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "HPSBHF03614",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://support.hp.com/us-en/document/c06318199"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2019-6322",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "HP Z4 G4 Workstation (Xeon W)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z4 G4 Workstation (Xeon W) (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z4 G4 Core-X Workstation",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z4 G4 Core-X Workstation (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z6 G4 Workstation",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z6 G4 Workstation (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z8 G4 Workstation",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z8 G4 Workstation (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "HPSBHF03614",
                  "refsource": "HP",
                  "url": "https://support.hp.com/us-en/document/c06318199"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2019-6322",
        "datePublished": "2019-05-29T19:56:26.000Z",
        "dateReserved": "2019-01-15T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:16:24.814Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-6321 (GCVE-0-2019-6321)

    Vulnerability from cvelistv5 – Published: 2019-05-29 19:55 – Updated: 2024-08-04 20:16
    VLAI
    Summary
    HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default.
    Severity
    No CVSS data available.
    CWE
    • Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity
    Assigner
    hp
    References
    URL Tags
    https://support.hp.com/us-en/document/c06318199 vendor-advisoryx_refsource_HP
    Impacted products
    Vendor Product Version
    n/a HP Z4 G4 Workstation (Xeon W) Affected: before 1.70
    n/a HP Z4 G4 Workstation (Xeon W) (Linux) Affected: before 1.70
    n/a HP Z4 G4 Core-X Workstation Affected: before 1.70
    n/a HP Z4 G4 Core-X Workstation (Linux) Affected: before 1.70
    n/a HP Z6 G4 Workstation Affected: before 1.71
    n/a HP Z6 G4 Workstation (Linux) Affected: before 1.71
    n/a HP Z8 G4 Workstation Affected: before 1.71
    n/a HP Z8 G4 Workstation (Linux) Affected: before 1.71
    Date Public
    2019-05-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:16:24.882Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "HPSBHF03614",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "https://support.hp.com/us-en/document/c06318199"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HP Z4 G4 Workstation (Xeon W)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z4 G4 Workstation (Xeon W) (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z4 G4 Core-X Workstation",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z4 G4 Core-X Workstation (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.70"
                }
              ]
            },
            {
              "product": "HP Z6 G4 Workstation",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            },
            {
              "product": "HP Z6 G4 Workstation (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            },
            {
              "product": "HP Z8 G4 Workstation",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            },
            {
              "product": "HP Z8 G4 Workstation (Linux)",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 1.71"
                }
              ]
            }
          ],
          "datePublic": "2019-05-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-29T19:55:14.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "name": "HPSBHF03614",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "https://support.hp.com/us-en/document/c06318199"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2019-6321",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "HP Z4 G4 Workstation (Xeon W)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z4 G4 Workstation (Xeon W) (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z4 G4 Core-X Workstation",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z4 G4 Core-X Workstation (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.70"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z6 G4 Workstation",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z6 G4 Workstation (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z8 G4 Workstation",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HP Z8 G4 Workstation (Linux)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 1.71"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is disabled by default."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Escalation of Privilege, Denial of Service, Information Disclosure, Loss of Confidentiality, Loss of Integrity"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "HPSBHF03614",
                  "refsource": "HP",
                  "url": "https://support.hp.com/us-en/document/c06318199"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2019-6321",
        "datePublished": "2019-05-29T19:55:14.000Z",
        "dateReserved": "2019-01-15T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:16:24.882Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }