CVE-2019-6322

HP has identified a security vulnerability with some versions of Workstation BIOS (UEFI Firmware) where the runtime BIOS code could be tampered with if the TPM is disabled. This vulnerability relates to Workstations whose TPM is enabled by default.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:hp:z4_g4_workstation_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:z4_g4_workstation:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:hp:z4_g4_core-x_workstation_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:z4_g4_core-x_workstation:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:hp:z6_g4_workstation_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:z6_g4_workstation:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:hp:z8_g4_workstation_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:z8_g4_workstation:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:hp:z4_g4_workstation_firmware:*:*:*:*:*:linux:*:*
cpe:2.3:h:hp:z4_g4_workstation:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:hp:z4_g4_core-x_workstation_firmware:*:*:*:*:*:linux:*:*
cpe:2.3:h:hp:z4_g4_core-x_workstation:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:hp:z6_g4_workstation_firmware:*:*:*:*:*:linux:*:*
cpe:2.3:h:hp:z6_g4_workstation:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:hp:z8_g4_workstation_firmware:*:*:*:*:*:linux:*:*
cpe:2.3:h:hp:z8_g4_workstation:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:46

Type Values Removed Values Added
References () https://support.hp.com/us-en/document/c06318199 - Patch, Vendor Advisory () https://support.hp.com/us-en/document/c06318199 - Patch, Vendor Advisory

Information

Published : 2019-05-29 20:29

Updated : 2024-11-21 04:46


NVD link : CVE-2019-6322

Mitre link : CVE-2019-6322

CVE.ORG link : CVE-2019-6322


JSON object : View

Products Affected

hp

  • z4_g4_workstation_firmware
  • z4_g4_core-x_workstation
  • z8_g4_workstation
  • z4_g4_workstation
  • z6_g4_workstation_firmware
  • z8_g4_workstation_firmware
  • z6_g4_workstation
  • z4_g4_core-x_workstation_firmware
CWE
CWE-667

Improper Locking