CVE-2019-16286

Severity CVSS v4.0:
Pending analysis
Type:
CWE-287 Authentication Issues
Publication date:
22/11/2019
Last modified:
24/08/2020

Description

An attacker may be able to bypass the OS application filter meant to restrict applications that can be executed by changing browser preferences to launch a separate process that in turn can execute arbitrary commands.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:hp:thinpro_linux:6.2:*:*:*:*:*:*:*
cpe:2.3:a:hp:thinpro_linux:6.2.1:*:*:*:*:*:*:*
cpe:2.3:a:hp:thinpro_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:thinpro_linux:7.1:*:*:*:*:*:*:*