CVE-2017-2744

CWE-200Information Exposure4 documents4 sources
Severity
5.5MEDIUM
EPSS
0.2%
top 62.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
HP Support AssistantHP Inc. HP Support Assistant
Timeline
PublishedJan 23
Latest updateMay 14

Description

The vulnerability allows attacker to extract binaries into protected file system locations in HP Support Assistant before 12.7.26.1.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDhp/support_assistant< 12.7.26.1
CVEListV5hp_inc./hp_support_assistantbefore 12.7.26.1

🔴Vulnerability Details

2
GHSA
GHSA-p7v5-fh6w-9c87: The vulnerability allows attacker to extract binaries into protected file system locations in HP Support Assistant before 122022-05-14
CVEList
CVE-2017-2744: The vulnerability allows attacker to extract binaries into protected file system locations in HP Support Assistant before 122018-01-23

💬Community

1
Bugzilla
CVE-2017-11462 krb5: Automatic sec context deletion could lead to double-free2017-09-06
CVE-2017-2744 (MEDIUM CVSS 5.5) | The vulnerability allows attacker t | cvebase.io