CVE-2012-5218

HP ElitePad 900 PCs with BIOS F.0x before F.01 Update 1.0.0.8 do not enable the Secure Boot feature, which allows local users to bypass intended BIOS restrictions and boot unintended operating systems via unspecified vectors.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03727435-1	Vendor Advisory
http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03727435-1	Vendor Advisory
http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03727435-1	Vendor Advisory
http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03727435-1	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:h:hp:elitepad:900:*:*:*:*:*:*:*

History

21 Nov 2024, 01:44

Type	Values Removed	Values Added
References	~~() http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03727435-1 - Vendor Advisory~~	() http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03727435-1 - Vendor Advisory

Information

Published : 2013-04-24 10:28

Updated : 2024-11-21 01:44

NVD link : CVE-2012-5218

Mitre link : CVE-2012-5218

CVE.ORG link : CVE-2012-5218

JSON object : View

Products Affected

hp

elitepad

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2012-5218", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-04-24T10:28:31.897", "references": [{"url": "http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03727435-1", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03727435-1", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03727435-1", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03727435-1", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "HP ElitePad 900 PCs with BIOS F.0x before F.01 Update 1.0.0.8 do not enable the Secure Boot feature, which allows local users to bypass intended BIOS restrictions and boot unintended operating systems via unspecified vectors."}, {"lang": "es", "value": "HP ElitePad 900 ordenadores con BIOS vF.0x antes vF.01 Update v1.0.0.8 no permiten la funci\u00f3n de arranque seguro, lo que permite a usuarios locales evitar las restricciones en BIOS previstas y arrancar sistemas operativos no deseados a trav\u00e9s de vectores no especificados."}], "lastModified": "2024-11-21T01:44:16.727", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:elitepad:900:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2BB22E8-5805-4725-81B1-60970BD5E24B"}], "operator": "OR"}]}], "sourceIdentifier": "hp-security-alert@hp.com"}