Vulnerability CVE-2016-2243


Published: 2016-03-04

Description:
Sure Start on HP Commercial PCs 2015 allows local users to cause a denial of service (BIOS recovery failure) by leveraging administrative access.

Vendor: HP
Product: 800 series firmware 
Version: 2.1; 2.09;
Product: 700 series firmware 
Version:
2.09
2.07
2.05
1.08
1.05
Product: Z240 firmware 
Version: 1.11;
Product: Z238 firmware 
Version: 1.11;
Product: 1000 series firmware 
Version:
1.1
1.04
1.01
Product: Zbook firmware 
Version: 1.04; 1.03;
Product: Elitebook folio 1012 x2 g2 

CVSS2 => (AV:L/AC:M/Au:N/C:N/I:P/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.4/10
7.8/10
3.4/10
Exploit range
Attack complexity
Authentication
Local
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
Complete

 References:
https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05012469

Related CVE
CVE-2018-6490
Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x. This vulnerability could be remotely exploited to allow Denial of Service.
CVE-2017-8984
A remote code execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506P03 was found.
CVE-2017-8983
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P4 was found.
CVE-2017-8982
A Remote Authentication Restriction Bypass vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P4 was found.
CVE-2017-8981
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506 was found.
CVE-2017-8980
A Remote Disclosure of Information vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
CVE-2017-8979
Security vulnerabilities in the HPE Integrated Lights-Out 2 (iLO 2) firmware could be exploited remotely to allow authentication bypass, code execution, and denial of service.
CVE-2017-8978
A Remote Unauthorized Disclosure of Information vulnerability in HPE IceWall Products version MFA 4.0 proxy was found.

Copyright 2018, cxsecurity.com

 

Back to Top