{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-11761","assignerOrgId":"74586083-13ce-40fd-b46a-8e5d23cfbcb2","state":"PUBLISHED","assignerShortName":"hp","dateReserved":"2025-10-14T20:23:06.506Z","datePublished":"2025-11-03T15:13:39.263Z","dateUpdated":"2026-02-26T17:47:40.431Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unknown","product":"HP Client Management Script Library","vendor":"HP Inc","versions":[{"lessThan":"<1.85","status":"affected","version":"1.0.0","versionType":"custom"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<span style=\"background-color: rgb(255, 255, 255);\">A potential security vulnerability has been identified in the HP Client Management Script Library software, which might allow escalation of privilege during the installation process. HP is releasing software updates to mitigate the potential vulnerability.</span>"}],"value":"A potential security vulnerability has been identified in the HP Client Management Script Library software, which might allow escalation of privilege during the installation process. HP is releasing software updates to mitigate the potential vulnerability."}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"LOCAL","baseScore":8.5,"baseSeverity":"HIGH","exploitMaturity":"NOT_DEFINED","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"LOW","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-427","description":"CWE-427 Uncontrolled Search Path Element","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"74586083-13ce-40fd-b46a-8e5d23cfbcb2","shortName":"hp","dateUpdated":"2025-11-03T15:13:39.263Z"},"references":[{"url":"https://support.hp.com/us-en/document/ish_13187651-13187675-16/hpsbhf04058"}],"source":{"discovery":"UNKNOWN"},"title":"HP Client Management Script Library – Security Update","x_generator":{"engine":"Vulnogram 0.5.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2025-11761","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2025-11-04T04:55:15.850715Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-26T17:47:40.431Z"}}]}}