CVE-2021-3661

{"id": "CVE-2021-3661", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.5}]}, "published": "2022-12-12T13:15:11.693", "references": [{"url": "https://support.hp.com/us-en/document/ish_5670997-5671021-16/hpsbhf03770", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "https://support.hp.com/us-en/document/ish_5670997-5671021-16/hpsbhf03770", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A potential security vulnerability has been identified in certain HP Workstation BIOS (UEFI firmware) which may allow arbitrary code execution. HP is releasing firmware mitigations for the potential vulnerability."}, {"lang": "es", "value": "Se ha identificado una posible vulnerabilidad de seguridad en HP Workstation BIOS (firmware UEFI) que puede permitir la ejecuci\u00f3n de c\u00f3digo arbitrario. HP est\u00e1 lanzando mitigaciones de firmware para la posible vulnerabilidad."}], "lastModified": "2024-11-21T06:22:05.980", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z1_all-in-one_g3_firmware:01.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52CB7D08-E352-49F5-8715-5055DDBDBD5B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z1_all-in-one_g3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "31DD86B2-0702-45EB-9CFE-E1F363E21CB3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z2_mini_g3_firmware:01.83:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C60E47B-10F8-4238-9CED-979915F10C53"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z2_mini_g3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4E8E325E-4FB5-4BBD-8301-3655EE4C8E82"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z2_mini_g4_firmware:01.08.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68BFE14B-F4C7-460E-B075-40E413C437D2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z2_mini_g4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2AAB843A-8C23-4155-AA9A-A9638844B649"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z2_mini_g5_firmware:01.03.00_rev_a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30EF73CD-3EFC-41E6-99D2-EA225F9A2996"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z2_mini_g5:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A6F7EA4-D933-4043-8443-DB2D042161B7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z2_small_form_factor_g4_firmware:01.08.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B369AF9A-02BC-4105-91AD-AAABAB25371E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z2_small_form_factor_g4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "28D8DCE4-417D-447E-B30C-44B2AAE950F1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z2_small_form_factor_g5_firmware:01.03.00_rev_a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51440732-CE12-41FF-95AD-3D98511741B2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z2_small_form_factor_g5:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "078C37DD-2BF5-40D0-8607-38D290DF3C92"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z2_small_form_factor_g8_firmware:01.03.00_rev_a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78099425-DF2D-4D4E-B4CA-AC547DBDFC9F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z2_small_form_factor_g8:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5D3E8CE5-62F0-47ED-A8AC-47E7AC1920FB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z2_tower_g4_firmware:01.08.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D924016-9A41-4C27-BA5F-7B50C065097B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z2_tower_g4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E8CAC1DA-DC4B-470C-A351-278833DEF95A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z2_tower_g5_firmware:01.03.00_rev_a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B13189CB-2B18-4878-A623-3A58D933F2B5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z2_tower_g5:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62BD85D3-FE64-4879-8D6F-BD833DF70C72"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z2_tower_g8_firmware:01.03.00_rev_a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A89C5A54-D2FC-4686-ACA7-AC3719617F7D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z2_tower_g8:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CEB82416-14CC-40F5-B1C0-1157A3EE7CFF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z238_microtower_firmware:01.83:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F88D2DE-32FD-4490-BC0A-760966C22901"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z238_microtower:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4463B53C-10C9-4FCC-B209-7D3D0C04DF72"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z240_small_form_factor_firmware:01.83:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81E7AEB0-6D4D-4DE9-A9F6-EC8BF3DC62D2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z240_small_form_factor:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0EA50241-E9BA-4B45-8450-76E83E64EB4D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z240_tower_firmware:01.83:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E96E9CDC-1F2E-4F17-8A16-0F9B6E6926D6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z240_tower:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "22F00DA1-F06E-4684-AFDD-540F4A95D25E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z4_g4_firmware:02.75:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "216E6993-EC43-4A51-971F-F92AC8DDECFF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z4_g4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "30BA646E-8BC4-4EFF-85A2-5F67781151A6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z440_firmware:2.58:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CAEEACE-2F7A-429C-96A0-94784BA7DCB0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z440:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C2561F9F-C603-46AA-A6FD-7BF864DA46C7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z6_g4_firmware:02.75:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF1E074E-6EFC-4265-BD06-D9DDDC75C3DF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z6_g4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "031EB2C6-6DC9-40FF-9720-B667BCAB6643"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z640_firmware:2.58:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACA5EDF8-AC00-4C0E-B0F3-43A61680553B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z640:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F0ABEB94-77A8-413D-A133-955BC1C59D84"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z8_g4_firmware:02.75:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "531759D8-8F35-46C7-8580-6AB503125264"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z8_g4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A13690A-BCCD-4C6A-93A5-B4B889823AA7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:z840_firmware:2.58:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1908464A-E5AC-4636-A524-BF7BD147D572"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:z840:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4E24183E-7790-425B-85C7-DBA62DE9DD2F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:zcentral_4r_firmware:01.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8466E68-60E7-4332-BDF8-221EEEA81A5C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:zcentral_4r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "619F29C4-D227-4DFC-9DC2-828CA4F94A37"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "hp-security-alert@hp.com"}