Authentication Bypass Vulnerability in HP Support Assistant
CVE-2016-2245

9.8CRITICAL

Key Information:

Vendor: HP
Status: Support Assistant
Vendor: CVE Published:; 19 March 2016

Summary

The HP Support Assistant application allows remote attackers to bypass authentication through unspecified vectors, potentially leading to unauthorized access. It is crucial for users of HP Support Assistant who have not updated their software to version 8.1.52.1 to take immediate action to protect their systems from potential exploitation.

References

https://h20565.www2.hp.com/hpsc/doc/public/display?docId=...

vendor-advisoryx_refsource_HP

EPSS Score

14% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 19, 2016
Vulnerability Reserved
Feb 8, 2016