Lucene search

[email protected]NVD:CVE-2017-2751

HistoryOct 03, 2018 - 8:29 p.m.

CVE-2017-2751

2018-10-0320:29:07

CWE-522

[email protected]

web.nvd.nist.gov

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

4.7

Confidence

High

EPSS

0.001

Percentile

30.6%

JSON

A BIOS password extraction vulnerability has been reported on certain consumer notebooks with firmware F.22 and others. The BIOS password was stored in CMOS in a way that allowed it to be extracted. This applies to consumer notebooks launched in early 2014.

Affected configurations

Nvd

Node

hphp_240_g1_firmwareRange<f.48

AND

hphp_240_g1Match-

Node

hphp_245_g1_firmwareRange<f.48

AND

hphp_245_g1Match-

Node

hphp_1000-1300_firmwareRange<f.48

AND

hphp_1000-1300Match-

Node

hphp_250_g1_notebook_pc_firmwareRange<f.47

AND

hphp_250_g1_notebook_pcMatch-

Node

hphp_255_g1_notebook_pc_firmwareRange<f.47

AND

hphp_255_g1_notebook_pcMatch-

Node

hphp_envy_15-j000_firmwareRange<f.22

AND

hphp_envy_15-j000Match-

Node

hphp_envy_15-j100_firmwareRange<f.71

AND

hphp_envy_15-j100Match-

Node

hphp_pavilion_15-n000_firmwareRange<f.72

AND

hphp_pavilion_15-n000Match-

Node

hphp_246_firmwareRange<f.04

AND

hphp_246Match-

Node

hphp_455_firmwareRange<f.08

AND

hphp_455Match-

Node

hphp_envy_17_j100_firmwareRange<f.71

AND

hphp_envy_17_j100Match-

Node

hphp_envy_17-j100_leap_motion_se_firmwareRange<f.71

AND

hphp_envy_17-j100_leap_motion_seMatch-

Node

hphp_split_13-g200_firmwareRange<f.25

AND

hphp_split_13-g200Match-

Node

hphp_envy_100_firmwareRange<f.22

AND

hphp_envy_100Match-

Node

hphp_pavilion_14-n000_firmwareRange<f.72

AND

hphp_pavilion_14-n000Match-

Node

hphp_envy_14-k100_firmwareRange<f.22

AND

hphp_envy_14-k100Match-

Node

hphp_spectre_x2_13-smb_pro_firmwareRange<f.25

AND

hphp_spectre_x2_13-smb_proMatch-

Node

hphp_spectre_13-h200_firmwareRange<f.25

AND

hphp_spectre_13-h200Match-

Node

hphp_pavilion_15-n200_firmwareRange<f.72

AND

hphp_pavilion_15-n200Match-

Node

hphp_pavilion_15-n300_firmwareRange<f.72

AND

hphp_pavilion_15-n300Match-

Node

hphp_envy_m6-n000_firmwareRange<f.26

AND

hphp_envy_m6-n000Match-

Node

hphp_255_g3_firmwareRange<f.45

AND

hphp_255_g3Match-

Node

hphp_14-g000_firmwareRange<f.45

AND

hphp_14-g000Match-

Node

hphp_pavilion_11-n000_firmwareRange<f.2e

AND

hphp_pavilion_11-n000Match-

Node

hphp_15-r000_firmwareRange<f.43

AND

hphp_15-r000Match-

Node

hphp_15-r500_firmwareRange<f.43

AND

hphp_15-r500Match-

Node

hphp_pavilion_10-f000_firmwareRange<f.0e

AND

hphp_pavilion_10-f000Match-

Node

hphp_g14-a000_firmwareRange<f.06

AND

hphp_g14-a000Match-

Node

hphp_14-r000_firmwareRange<f.43

AND

hphp_14-r000Match-

Node

hphp_240_g3_firmwareRange<f.43

AND

hphp_240_g3Match-

Node

hphp_246_g3_firmwareRange<f.43

AND

hphp_246_g3Match-

Node

hpcompaq_cq45-900_firmwareMatch-

AND

hpcompaq_cq45-900Match-

Node

hpcompaq_14-h000_firmwareMatch-

AND

hpcompaq_14-h000Match-

Node

hpcompaq_14-s000_firmwareMatch-

AND

hpcompaq_14-s000Match-

VendorProductVersionCPE
hphp_240_g1_firmware*cpe:2.3:o:hp:hp_240_g1_firmware:*:*:*:*:*:*:*:*
hphp_240_g1-cpe:2.3:h:hp:hp_240_g1:-:*:*:*:*:*:*:*
hphp_245_g1_firmware*cpe:2.3:o:hp:hp_245_g1_firmware:*:*:*:*:*:*:*:*
hphp_245_g1-cpe:2.3:h:hp:hp_245_g1:-:*:*:*:*:*:*:*
hphp_1000-1300_firmware*cpe:2.3:o:hp:hp_1000-1300_firmware:*:*:*:*:*:*:*:*
hphp_1000-1300-cpe:2.3:h:hp:hp_1000-1300:-:*:*:*:*:*:*:*
hphp_250_g1_notebook_pc_firmware*cpe:2.3:o:hp:hp_250_g1_notebook_pc_firmware:*:*:*:*:*:*:*:*
hphp_250_g1_notebook_pc-cpe:2.3:h:hp:hp_250_g1_notebook_pc:-:*:*:*:*:*:*:*
hphp_255_g1_notebook_pc_firmware*cpe:2.3:o:hp:hp_255_g1_notebook_pc_firmware:*:*:*:*:*:*:*:*
hphp_255_g1_notebook_pc-cpe:2.3:h:hp:hp_255_g1_notebook_pc:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	hp_240_g1_firmware	*	cpe:2.3:o:hp:hp_240_g1_firmware::::::::
hp	hp_240_g1	-	cpe:2.3:h:hp:hp_240_g1:-:::::::*
hp	hp_245_g1_firmware	*	cpe:2.3:o:hp:hp_245_g1_firmware::::::::
hp	hp_245_g1	-	cpe:2.3:h:hp:hp_245_g1:-:::::::*
hp	hp_1000-1300_firmware	*	cpe:2.3:o:hp:hp_1000-1300_firmware::::::::
hp	hp_1000-1300	-	cpe:2.3:h:hp:hp_1000-1300:-:::::::*
hp	hp_250_g1_notebook_pc_firmware	*	cpe:2.3:o:hp:hp_250_g1_notebook_pc_firmware::::::::
hp	hp_250_g1_notebook_pc	-	cpe:2.3:h:hp:hp_250_g1_notebook_pc:-:::::::*
hp	hp_255_g1_notebook_pc_firmware	*	cpe:2.3:o:hp:hp_255_g1_notebook_pc_firmware::::::::
hp	hp_255_g1_notebook_pc	-	cpe:2.3:h:hp:hp_255_g1_notebook_pc:-:::::::*

Rows per page:

1-10 of 681

References

support.hp.com/us-en/document/c05913581

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

4.7

Confidence

High

EPSS

0.001

Percentile

30.6%

JSON

Related for NVD:CVE-2017-2751

prion1 cvelist1 cve1 hp1