Local Unauthorized Elevation of Privilege in HPE Smart Update Manager
CVE-2019-11987

7.8HIGH

Key Information:

Vendor: HP
Status: HPe Smart Update Manager
Vendor: CVE Published:; 5 June 2019

What is CVE-2019-11987?

A vulnerability exists in HPE Smart Update Manager (SUM), which could allow an unauthorized local user to elevate their privileges. This security flaw, present in versions prior to v8.4, could have significant implications if exploited, allowing the user to carry out actions without proper authorization. To safeguard your systems, it is recommended to update to the latest version and apply necessary security measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

HPE Smart Update Manager prior to v8.4

References

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 5, 2019
Vulnerability Reserved
May 13, 2019

JSON

HP

What is CVE-2019-11987?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.