Lucene search

K
hpHP Product Security Response TeamHPSBHF03798
HistoryJul 12, 2022 - 12:00 a.m.

HP Wolf Security Software July 2022 Update

2022-07-1200:00:00
HP Product Security Response Team
support.hp.com
8
hp
wolf security
software
update
retbleed
intel processors
amd processors
information disclosure
vulnerabilities
mitigations
prescriptive guidance

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

31.1%

HP has been informed of potential vulnerabilities (known as RETbleed) identified in some Intel® Processors and in some AMD® Processors, which may allow information disclosure. HP is releasing updates to Wolf Security software to implement the suggested mitigations from the CPU vendors.

HP has implemented the prescriptive guidance from Intel and AMD to mitigate the potential vulnerabilities.

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

31.1%