CVE-2019-6333

Name of the Vulnerable Software and Affected Versions HP Touchpoint Analytics versions prior to 4.1.4.2827

Description A potential security issue has been identified that may allow a local attacker with administrative privileges to execute arbitrary code via an HP Touchpoint Analytics system service. The issue is related to insufficient input validation, which can be exploited by an attacker to execute malicious code using DLL files. This can lead to a privilege escalation.

Recommendations For versions prior to 4.1.4.2827, update to version 4.1.4.2827 or later to resolve the issue. As a temporary workaround, consider restricting access to the HP Touchpoint Analytics system service to minimize the risk of exploitation. Additionally, avoid using malicious DLL files in the affected system.