CVE-2025-1003

Low

Low Medium High Critical

CVSS Score

Published: Feb 04, 2025

Last Modified: Feb 04, 2025

Vulnerability Description

A potential vulnerability has been identified in HP Anyware Agent for Linux which might allow for authentication bypass which may result in escalation of privilege. HP is releasing a software update to mitigate this potential vulnerability.

References & Resources

https://support.hp.com/us-en/document/ish_11920613-11920636-16
hp-security-alert@hp.com

Severity Details

out of 10.0

Low

Weakness Type (CWE)

CWE-273

Improper Check for Dropped Privileges

Description: The product attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.
Exploit Likelihood: Medium
Typical Severity: High
Abstraction Level: Base