Vulnerabilites related to hp - laserjet_5100
cve-2006-6742
Vulnerability from cvelistv5
Published
2006-12-26 23:00
Modified
2024-08-07 20:34
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP LaserJet 5000 Series printers with firmware R.25.15 or R.25.47, and HP LaserJet 5100 Series printers with firmware V.29.12, allow remote attackers to cause a denial of service (device crash) via a long string in the (1) LIST or (2) NLST command.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051367.html | mailing-list, x_refsource_FULLDISC | |
| http://securityreason.com/securityalert/2074 | third-party-advisory, x_refsource_SREASON | |
| http://secunia.com/advisories/23396 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/454817/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2006/5081 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:34:00.166Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061219 HP Printers FTP Server Denial Of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051367.html"
},
{
"name": "2074",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2074"
},
{
"name": "23396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23396"
},
{
"name": "20061219 HP Printers FTP Server Denial Of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/454817/100/0/threaded"
},
{
"name": "ADV-2006-5081",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/5081"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP LaserJet 5000 Series printers with firmware R.25.15 or R.25.47, and HP LaserJet 5100 Series printers with firmware V.29.12, allow remote attackers to cause a denial of service (device crash) via a long string in the (1) LIST or (2) NLST command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061219 HP Printers FTP Server Denial Of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051367.html"
},
{
"name": "2074",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2074"
},
{
"name": "23396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23396"
},
{
"name": "20061219 HP Printers FTP Server Denial Of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/454817/100/0/threaded"
},
{
"name": "ADV-2006-5081",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/5081"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6742",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP LaserJet 5000 Series printers with firmware R.25.15 or R.25.47, and HP LaserJet 5100 Series printers with firmware V.29.12, allow remote attackers to cause a denial of service (device crash) via a long string in the (1) LIST or (2) NLST command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061219 HP Printers FTP Server Denial Of Service",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051367.html"
},
{
"name": "2074",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2074"
},
{
"name": "23396",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23396"
},
{
"name": "20061219 HP Printers FTP Server Denial Of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454817/100/0/threaded"
},
{
"name": "ADV-2006-5081",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5081"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6742",
"datePublished": "2006-12-26T23:00:00",
"dateReserved": "2006-12-26T00:00:00",
"dateUpdated": "2024-08-07T20:34:00.166Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-4107
Vulnerability from cvelistv5
Published
2010-11-17 15:00
Modified
2024-08-07 03:34
Severity ?
EPSS score ?
Summary
The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1024741 | vdb-entry, x_refsource_SECTRACK | |
| http://www.exploit-db.com/exploits/15631 | exploit, x_refsource_EXPLOIT-DB | |
| http://securityreason.com/securityalert/8328 | third-party-advisory, x_refsource_SREASON | |
| http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333 | vendor-advisory, x_refsource_HP | |
| http://www.nruns.com/_downloads/SA-2010%20003-Hewlett-Packard.pdf | x_refsource_MISC | |
| http://secunia.com/advisories/42238 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2010/2987 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/44882 | vdb-entry, x_refsource_BID | |
| http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333 | vendor-advisory, x_refsource_HP | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/63261 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.764Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1024741",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024741"
},
{
"name": "15631",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/15631"
},
{
"name": "8328",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8328"
},
{
"name": "HPSBPI02575",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/_downloads/SA-2010%20003-Hewlett-Packard.pdf"
},
{
"name": "42238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42238"
},
{
"name": "ADV-2010-2987",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2987"
},
{
"name": "44882",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44882"
},
{
"name": "SSRT090255",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333"
},
{
"name": "hp-laserjet-pjl-directory-traversal(63261)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63261"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device\u0027s filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "1024741",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024741"
},
{
"name": "15631",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/15631"
},
{
"name": "8328",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8328"
},
{
"name": "HPSBPI02575",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/_downloads/SA-2010%20003-Hewlett-Packard.pdf"
},
{
"name": "42238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42238"
},
{
"name": "ADV-2010-2987",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2987"
},
{
"name": "44882",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44882"
},
{
"name": "SSRT090255",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333"
},
{
"name": "hp-laserjet-pjl-directory-traversal(63261)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63261"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-4107",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device\u0027s filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1024741",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024741"
},
{
"name": "15631",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15631"
},
{
"name": "8328",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8328"
},
{
"name": "HPSBPI02575",
"refsource": "HP",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333"
},
{
"name": "http://www.nruns.com/_downloads/SA-2010%20003-Hewlett-Packard.pdf",
"refsource": "MISC",
"url": "http://www.nruns.com/_downloads/SA-2010%20003-Hewlett-Packard.pdf"
},
{
"name": "42238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42238"
},
{
"name": "ADV-2010-2987",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2987"
},
{
"name": "44882",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44882"
},
{
"name": "SSRT090255",
"refsource": "HP",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333"
},
{
"name": "hp-laserjet-pjl-directory-traversal(63261)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63261"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2010-4107",
"datePublished": "2010-11-17T15:00:00",
"dateReserved": "2010-10-27T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-0940
Vulnerability from cvelistv5
Published
2009-03-18 20:35
Modified
2024-08-07 04:57
Severity ?
EPSS score ?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2009/0754 | vdb-entry, x_refsource_VUPEN | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566 | vendor-advisory, x_refsource_HP | |
| http://osvdb.org/52848 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/34143 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/52849 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/501884/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.louhinetworks.fi/advisory/HP_20090317.txt | x_refsource_MISC | |
| http://osvdb.org/52847 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:17.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-0754",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "52848",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52848"
},
{
"name": "34143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34143"
},
{
"name": "52849",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52849"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"name": "52847",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52847"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-0754",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "52848",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52848"
},
{
"name": "34143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34143"
},
{
"name": "52849",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52849"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"name": "52847",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52847"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-0754",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "52848",
"refsource": "OSVDB",
"url": "http://osvdb.org/52848"
},
{
"name": "34143",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34143"
},
{
"name": "52849",
"refsource": "OSVDB",
"url": "http://osvdb.org/52849"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"name": "http://www.louhinetworks.fi/advisory/HP_20090317.txt",
"refsource": "MISC",
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"name": "52847",
"refsource": "OSVDB",
"url": "http://osvdb.org/52847"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0940",
"datePublished": "2009-03-18T20:35:00",
"dateReserved": "2009-03-18T00:00:00",
"dateUpdated": "2024-08-07T04:57:17.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-0941
Vulnerability from cvelistv5
Published
2009-03-18 20:35
Modified
2024-08-07 04:57
Severity ?
EPSS score ?
Summary
The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2009/0754 | vdb-entry, x_refsource_VUPEN | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566 | vendor-advisory, x_refsource_HP | |
| http://www.securityfocus.com/archive/1/501884/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.louhinetworks.fi/advisory/HP_20090317.txt | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:17.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-0754",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-0754",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0941",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-0754",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"name": "http://www.louhinetworks.fi/advisory/HP_20090317.txt",
"refsource": "MISC",
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0941",
"datePublished": "2009-03-18T20:35:00",
"dateReserved": "2009-03-18T00:00:00",
"dateUpdated": "2024-08-07T04:57:17.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2006-12-26 23:28
Modified
2024-11-21 00:23
Severity ?
Summary
Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP LaserJet 5000 Series printers with firmware R.25.15 or R.25.47, and HP LaserJet 5100 Series printers with firmware V.29.12, allow remote attackers to cause a denial of service (device crash) via a long string in the (1) LIST or (2) NLST command.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | ftp_print_server | 2.4 | |
| hp | ftp_print_server | 2.4.5 | |
| hp | laserjet_5000 | r.25.15 | |
| hp | laserjet_5000 | r.25.47 | |
| hp | laserjet_5100 | v.29.12 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:ftp_print_server:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2788794-A4FC-4978-83A6-FAA15D481D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:ftp_print_server:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "496E33DD-4CBE-44BA-8325-01DDADEFD110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:laserjet_5000:r.25.15:*:*:*:*:*:*:*",
"matchCriteriaId": "157C92C4-2217-4A53-B70D-16D2171E7ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5000:r.25.47:*:*:*:*:*:*:*",
"matchCriteriaId": "776C077B-32E5-45AD-866C-9C7FBEDF9631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5100:v.29.12:*:*:*:*:*:*:*",
"matchCriteriaId": "D29E506F-B2B1-466C-9DAA-C8DFB643F036",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP LaserJet 5000 Series printers with firmware R.25.15 or R.25.47, and HP LaserJet 5100 Series printers with firmware V.29.12, allow remote attackers to cause a denial of service (device crash) via a long string in the (1) LIST or (2) NLST command."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en FTP Print Server 2.4 y 2.4.5 en impresoras HP LaserJet 5000 Series con software empotrado (firmware) R.25.15 o R.25.47, e impresoras HP LaserJet 5100 Series con software empotrado V.29.12, permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de dispositivo) mediante una cadena larga en los comandos (1) LIST o (2) NLST."
}
],
"id": "CVE-2006-6742",
"lastModified": "2024-11-21T00:23:32.573",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-26T23:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051367.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23396"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2074"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/454817/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/5081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051367.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/454817/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/5081"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-03-18 21:00
Modified
2024-11-21 01:01
Severity ?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:8100c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F186CB2-E079-4F2B-943F-EB8F9638C717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:9100c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9F8D755-0208-4081-99A2-00B0779AB285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:9200c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F76374-8890-47D1-AD4D-B8951B08A351",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:9250c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EED8DFB7-447D-44BE-98EF-587F6A82D521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2938ACA1-A6FA-47CD-AB05-7CF9095C7850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_1500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91EBCE22-6268-4083-A045-0D05F7110384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E92501-3E8C-4E61-9B65-87A7344747E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500l:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16651605-4616-44F8-8401-8DD057932BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500lse:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8ADB9132-CEF5-47A0-AC21-BE6B7F89B166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB99C79-1DB4-4545-8457-515B1F9F484B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500tn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95B58AD8-F848-4286-8AB4-A8EA0372D5D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2605dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB5C6FD-9280-451B-ACF3-2C3AFC50BA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4370mfp:20081211_46.211.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7CF651-DB8F-4748-8E87-1C0173657400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A133B7-AEA8-4F26-8632-2CEDE9EBB66E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E71E717-E71F-495E-9D86-794BF8A094D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8881544-2C06-41F2-9569-C3DCEB8F175B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600hdn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13BD8FA5-17EC-4850-9970-9F472E4BE809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4650:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F03F783-0CFE-488A-A392-2866D56E5E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4700:*:*:*:*:*:*:*:*",
"matchCriteriaId": "627B437F-2941-4689-A3D0-E0037D9CB053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4730_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12F0604C-781B-4E69-A88E-C25492CB163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE52C54-2BF9-473A-8749-FEA31A2DEAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_5550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1218222B-AC9B-430D-8948-D72F72293B38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_8500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F3C900-81E1-467C-8D70-E70CADF484CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_8550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD4DED7B-DDA5-4302-923F-95258C52CF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_9500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C77E2D0-34F7-4940-AC33-47E405006890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_9500_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A3DFCD-E5C1-4997-95D4-9DF50FE1EAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_9500mfp:20070719_05.011.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99FD2715-0ECB-42B9-8967-D8C80DEAC5C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_mfp_cm8050:-:-:edgeline:*:*:*:*:*",
"matchCriteriaId": "8E40ABF2-0485-47DB-92FE-FC8F630F15B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_mfp_cm8060:-:-:edgeline:*:*:*:*:*",
"matchCriteriaId": "E8D50F7A-2290-49A1-AB7B-F1FCD5035599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:digital_senders:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F654546-9F2E-4B1B-AAF6-54D799317C92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:edgeline_printers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A17E5A0-9342-49BD-BBD7-E8A90FC42EC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "322C9A6C-C3A6-4058-861C-882B68443744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1005:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA365AAC-C67A-43FE-A419-E3B5B0BAEA0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB27B7D-AAC8-4FEC-98C4-FC613E9CA36F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1012:*:*:*:*:*:*:*:*",
"matchCriteriaId": "581AB2AA-1731-4142-822A-5F40DFA2C34F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1015:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07DCE831-3508-4059-9579-91DA526902B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1018:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F27B109-9BCA-4D72-A21C-B6D70F1AD7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1018s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF6A641-E205-4290-97E2-34A3B3E9672C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1020:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24FD0F5B-F181-46AC-BE66-642E4CD60FAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1020_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07B0A4A9-60C2-4CEC-B531-50C086173DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B05D9690-22E6-4E89-A5A7-42B28BD043DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1022n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCA67FA-E8B9-4D9E-B0F3-58B0A1B183B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1022nw:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09FB44-FFEE-4AB0-A2E0-C470F20733EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A25D1906-E45D-465B-B481-8C9B88FF37ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E25BDF8F-F1B9-4A3E-A220-E72B306CF21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1160:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E04FA759-550C-4C08-BBF3-1B8F512DEBB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49D562B5-09B6-4D0E-9816-4DC9C193FCBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB12831-81B7-4B6E-9D80-259A474F38E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1320:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0645FD3F-1F42-4355-8430-D2B3F8740A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52D3D3A6-7594-4306-A7C1-997328468C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3C0E33-D115-4BCB-818E-92E5655AB8EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "224C6B7D-DEAF-4B0D-93BA-BC5BF9517009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C69367D0-1B9A-4615-9F4A-2F76596BA8EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2200dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A842F761-7AC1-4FE6-9D8E-D4E812971371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3BC003-8116-475C-8816-DCD46E0184DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2300dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8A93AE-C3A9-4714-A6FB-C855C9F439C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2400:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A89A6F96-4A4A-4877-8E95-700CBAE663CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2410:20070410_08.112.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1B34898C-6B9F-4DEF-9D9E-B7BA52F95A85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2420:20070410_08.112.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3029F65D-88C0-4BC4-91D6-594474F022B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2430:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F804968D-0241-4C20-BAAC-684BA46B67F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2430:20070410_08.112.3:*:*:*:*:*:*:*",
"matchCriteriaId": "02BB1543-E25E-4F77-8F53-ADC38FE3B81D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71F75D41-DFB3-4FD2-A883-BBA8964D84D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2500c:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB83B8ED-0A0A-45C2-9A4F-BF85F97C114E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2600c:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F0E663-70A4-405C-B37E-60E24DDC6383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2600n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A10474D2-F8D9-40B8-8E19-4741BDA55A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_3000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4042B85B-8BA8-49C8-8C72-ED4B12D10C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_3700:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17CE1760-B9BD-4002-BA5C-0AFC4A2FBFE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7EBF17F-331F-42D1-AC33-C5F60FF1C865",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4\\/4m:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96CB43B7-7CA2-4B8A-98D9-377F615F61E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4_plus\\/m_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DBBC2B-C054-46AD-9ABD-249216ED513F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "659DFCA6-CF7D-4982-913B-6BF1B3DC5F5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4000n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02138F3E-4F3C-4607-BBB1-98D09B3C7F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6DC20-0757-4CF8-AB85-265C5264630F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "549105CC-BA47-4C39-8B8A-9CAC39266B30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4100_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE20791A-6CDA-46D0-8149-82F7D21662BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4100mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75525D7F-A881-4199-B44D-8E2D1B4809FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4993667F-9DE8-4DC9-90B1-A6D3AB6BFB0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4200dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED01DD0-7485-48E8-96E1-598DA0981525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4200ln:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BCFB30-7322-4ABE-9529-CC10DA54F752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4240:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23DD9E6F-1F64-4643-B8E5-B3CAB5F961B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4240n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42459D1C-B860-4622-BA74-C6AF5446D644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4250:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F315232A-2DBB-4BE6-AB1E-0CCB327E19E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4250:20080319_08.015.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D180CB2E-F05A-4B9C-837B-605A00086A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B4B141B-3358-469D-8331-88C5924763EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4345_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADF801E-6D02-4CDF-AA6F-9F272D341E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4345mfp:20081211_09.131.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27CB3F95-8653-4CDB-BD81-53CA6D126512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4350:*:*:*:*:*:*:*:*",
"matchCriteriaId": "850BE715-BC0F-4873-9A72-6AED6259FF22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4350:20080319_08.015.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B03FD53-A1CA-4BD4-A87A-520D9782CEE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4350dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECA83D8E-3D70-4021-B9FD-F97BC8C92039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4650dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2681DAAE-9DD4-4F25-B947-C676F868B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4l\\/ml:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7085C4E6-A34F-49E6-99EE-547861A25098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4m_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B0F639A-C9F6-41E4-83BD-8097659ABEDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4p\\/mp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B67CAF7-6CDC-4074-BE55-2D898F1CF3EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4si:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31DD8C9E-1738-456D-A22C-CB0C760E3712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4v\\/mv:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05A010D1-588F-4EC5-9BE2-ADA22D399D5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93BAAE8B-718E-4C6D-BAED-3F435D1C66A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5\\/m\\/n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26BD8388-3357-435C-8430-9D6CFE52D65A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_500_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F132B58-AF99-4E26-BEFB-C970AC9FCBB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D220CD8-FB19-424D-B223-101098BE9088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5000:r.25.15:*:*:*:*:*:*:*",
"matchCriteriaId": "157C92C4-2217-4A53-B70D-16D2171E7ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5000:r.25.47:*:*:*:*:*:*:*",
"matchCriteriaId": "776C077B-32E5-45AD-866C-9C7FBEDF9631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0F236F-7EC3-440B-8FF4-362729EF0807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5100:v.29.12:*:*:*:*:*:*:*",
"matchCriteriaId": "D29E506F-B2B1-466C-9DAA-C8DFB643F036",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5100dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99A1E2E0-6832-4DE2-B793-BC8B2F3BF431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "977F2612-D1DE-4EAD-99ED-CF6FFD1D5B2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5l:*:*:*:*:*:*:*:*",
"matchCriteriaId": "212422DE-F76F-4418-89E5-B3826047A852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5m:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78907BCD-E0C8-44A0-85B7-0B5148AA8AD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5p\\/mp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76199C42-EF30-4F0B-9D7E-5C546001888E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5si:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8D6D65-3CA2-41E8-A8F8-B7C7BC24F962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1072358B-3C6C-45EB-83B0-22833A96741A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC8DA70-8669-4522-BEF7-C4595E142467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94DFDFD-0CEA-4EC5-8E7D-0548DCAE5563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8150dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24852945-2734-468C-8DC7-5C9EBF2301FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54C64CAE-6CC4-4B92-9364-F982CDF47F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9000_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F0E00FE-F3DB-45C2-81AE-D7189559BD42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9000mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81556F50-ED68-4774-A208-E16286BC2F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D74F55-65F6-4328-B553-2756A75B777E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA65ABF-3241-48B5-B89A-031B09B8C129",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEA0FE9-F42F-4ECC-92E4-E404545CB0CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040mfp:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A03C331E-BCF9-4226-ACB5-4CA4C85847F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F1FEDCF-C604-49B3-B748-03BE3193792E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D06ADE7A-F615-475F-A6FB-977D51C8BD3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDA57B8-2AD5-45EF-9824-E60EBFF71D86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2623A6-2DA1-4877-A5D8-3C9001FDC648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050mfp:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3919FF01-7E93-4F35-826D-542DFD6E85B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9055:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7381DEDB-71A9-4882-B9DA-AFDC31D907C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9065:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F48F4812-7441-428B-B44A-E85AC64330D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9755F699-E5F7-424C-B84A-119E19A1E413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9500mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B8D80A-5E64-4ADD-98F7-2CD913EF151B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_ii:*:*:*:*:*:*:*:*",
"matchCriteriaId": "502E0F4F-8103-431C-BDCD-07FAA44DB035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F17C5B7-FFE3-4FE6-A4AD-3EABCF9FCE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iii:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0EC84F-57BB-44D0-A05D-67AE5CD6652B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iiid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DA3E91-824D-4167-9990-8CED8E247DBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iiip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B46B3AA1-0D4D-418B-A36B-2B38F642F798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iiisi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5EE77A-D014-4366-8D5B-251D09CC2DFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "040C7DA9-9FF6-4772-82D4-2ED2BE01D8C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iip_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD91F67B-C52F-4AED-8E02-B955F495BD8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m1522n_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8D0A1B-4F76-4403-B18E-464C33169CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m3027_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE95CC32-07DA-473D-BDAC-347B137E582A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m3035_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC3DE1F-AA79-4FE8-B634-368BDF14C0B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m4345_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34E2ECB0-2335-4ABD-8326-CF935E8C4C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m5025_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55C69873-A989-4B66-8D28-67A260EC7A4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m5035_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEEA9582-8E01-41D3-A4D0-FA7BB2C98CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46628FAF-9819-4A6F-93BD-39E0650930E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1005:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8C243A3-FA2C-414D-9530-CF50E65A6D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1006:*:*:*:*:*:*:*:*",
"matchCriteriaId": "169C56AB-5565-4A4A-B298-B1FAC40D23CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1007:*:*:*:*:*:*:*:*",
"matchCriteriaId": "931B6ACB-81B3-4406-834B-DFA85FC8871A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1008:*:*:*:*:*:*:*:*",
"matchCriteriaId": "641D5E03-1FCD-4404-A37B-586262DCF863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1009:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F8AA6A9-855C-436C-AE9D-217598516DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69DEDFF4-B9B1-4B31-BE32-1E44C19A5D80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1505:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C4D0A5-B51C-4122-8BB7-705474A1E709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1505n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "049D53B4-920A-4BFC-A007-1DF3648C37A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE3B2A8-ABE6-464B-B9E2-E1122EDEA3B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F52C858-CFB9-4CE0-9C3C-3672F03B1850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2015:*:*:*:*:*:*:*:*",
"matchCriteriaId": "218E5994-4BF9-4B5F-ABAE-0AB85495B8C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2030:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2FCB0F1-6395-4B9E-99C6-9C919C62EB9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF93B01-EEEE-4ACF-B7C0-55F17996543E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p3000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF6E5576-6764-4534-A405-67B01F4018FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p3005:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BED71C7-C0A7-4934-9930-1EC7C5A96584",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "612ACC73-A274-46B1-AEC6-9EBAF1E38D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4014:*:*:*:*:*:*:*:*",
"matchCriteriaId": "222D062D-1F47-4E21-9173-A5AFEEF66482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4015:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFBC095-00B6-48D7-AC0A-C172DD3A550B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D468AA7E-BA93-4523-B6AA-B542E714A17F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4510:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D87FDEEF-E459-4C0E-AA61-6DE9E2D73234",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders, permiten a atacantes remotos (1) imprimir documentos mediante vectores desconocidos, (2) modificar la configuraci\u00f3n de red mediante una petici\u00f3n NetIPChange a hp/device/config_result_YesNo.html/config o (3) cambiar la contrase\u00f1a mediante los par\u00e1metros Password y ConfirmPassword a hp/device/set_config_password.html/config."
}
],
"id": "CVE-2009-0940",
"lastModified": "2024-11-21T01:01:17.307",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-03-18T21:00:00.377",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/52847"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/52848"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/52849"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34143"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/52847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/52848"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/52849"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0754"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-03-18 21:00
Modified
2024-11-21 01:01
Severity ?
Summary
The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:8100c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F186CB2-E079-4F2B-943F-EB8F9638C717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:9100c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9F8D755-0208-4081-99A2-00B0779AB285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:9200c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F76374-8890-47D1-AD4D-B8951B08A351",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:9250c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EED8DFB7-447D-44BE-98EF-587F6A82D521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2938ACA1-A6FA-47CD-AB05-7CF9095C7850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_1500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91EBCE22-6268-4083-A045-0D05F7110384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E92501-3E8C-4E61-9B65-87A7344747E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500l:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16651605-4616-44F8-8401-8DD057932BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500lse:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8ADB9132-CEF5-47A0-AC21-BE6B7F89B166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB99C79-1DB4-4545-8457-515B1F9F484B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500tn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95B58AD8-F848-4286-8AB4-A8EA0372D5D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2605dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB5C6FD-9280-451B-ACF3-2C3AFC50BA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4370mfp:20081211_46.211.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7CF651-DB8F-4748-8E87-1C0173657400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A133B7-AEA8-4F26-8632-2CEDE9EBB66E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E71E717-E71F-495E-9D86-794BF8A094D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8881544-2C06-41F2-9569-C3DCEB8F175B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600hdn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13BD8FA5-17EC-4850-9970-9F472E4BE809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4650:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F03F783-0CFE-488A-A392-2866D56E5E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4700:*:*:*:*:*:*:*:*",
"matchCriteriaId": "627B437F-2941-4689-A3D0-E0037D9CB053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4730_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12F0604C-781B-4E69-A88E-C25492CB163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE52C54-2BF9-473A-8749-FEA31A2DEAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_5550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1218222B-AC9B-430D-8948-D72F72293B38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_8500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F3C900-81E1-467C-8D70-E70CADF484CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_8550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD4DED7B-DDA5-4302-923F-95258C52CF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_9500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C77E2D0-34F7-4940-AC33-47E405006890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_9500_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A3DFCD-E5C1-4997-95D4-9DF50FE1EAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_9500mfp:20070719_05.011.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99FD2715-0ECB-42B9-8967-D8C80DEAC5C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_mfp_cm8050:-:-:edgeline:*:*:*:*:*",
"matchCriteriaId": "8E40ABF2-0485-47DB-92FE-FC8F630F15B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_mfp_cm8060:-:-:edgeline:*:*:*:*:*",
"matchCriteriaId": "E8D50F7A-2290-49A1-AB7B-F1FCD5035599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:digital_senders:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F654546-9F2E-4B1B-AAF6-54D799317C92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:edgeline_printers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A17E5A0-9342-49BD-BBD7-E8A90FC42EC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "322C9A6C-C3A6-4058-861C-882B68443744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1005:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA365AAC-C67A-43FE-A419-E3B5B0BAEA0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB27B7D-AAC8-4FEC-98C4-FC613E9CA36F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1012:*:*:*:*:*:*:*:*",
"matchCriteriaId": "581AB2AA-1731-4142-822A-5F40DFA2C34F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1015:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07DCE831-3508-4059-9579-91DA526902B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1018:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F27B109-9BCA-4D72-A21C-B6D70F1AD7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1018s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF6A641-E205-4290-97E2-34A3B3E9672C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1020:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24FD0F5B-F181-46AC-BE66-642E4CD60FAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1020_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07B0A4A9-60C2-4CEC-B531-50C086173DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B05D9690-22E6-4E89-A5A7-42B28BD043DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1022n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCA67FA-E8B9-4D9E-B0F3-58B0A1B183B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1022nw:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09FB44-FFEE-4AB0-A2E0-C470F20733EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A25D1906-E45D-465B-B481-8C9B88FF37ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E25BDF8F-F1B9-4A3E-A220-E72B306CF21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1160:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E04FA759-550C-4C08-BBF3-1B8F512DEBB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49D562B5-09B6-4D0E-9816-4DC9C193FCBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB12831-81B7-4B6E-9D80-259A474F38E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1320:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0645FD3F-1F42-4355-8430-D2B3F8740A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52D3D3A6-7594-4306-A7C1-997328468C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3C0E33-D115-4BCB-818E-92E5655AB8EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "224C6B7D-DEAF-4B0D-93BA-BC5BF9517009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C69367D0-1B9A-4615-9F4A-2F76596BA8EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2200dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A842F761-7AC1-4FE6-9D8E-D4E812971371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3BC003-8116-475C-8816-DCD46E0184DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2300dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8A93AE-C3A9-4714-A6FB-C855C9F439C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2400:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A89A6F96-4A4A-4877-8E95-700CBAE663CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2410:20070410_08.112.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1B34898C-6B9F-4DEF-9D9E-B7BA52F95A85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2420:20070410_08.112.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3029F65D-88C0-4BC4-91D6-594474F022B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2430:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F804968D-0241-4C20-BAAC-684BA46B67F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2430:20070410_08.112.3:*:*:*:*:*:*:*",
"matchCriteriaId": "02BB1543-E25E-4F77-8F53-ADC38FE3B81D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71F75D41-DFB3-4FD2-A883-BBA8964D84D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2500c:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB83B8ED-0A0A-45C2-9A4F-BF85F97C114E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2600c:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F0E663-70A4-405C-B37E-60E24DDC6383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2600n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A10474D2-F8D9-40B8-8E19-4741BDA55A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_3000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4042B85B-8BA8-49C8-8C72-ED4B12D10C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_3700:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17CE1760-B9BD-4002-BA5C-0AFC4A2FBFE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7EBF17F-331F-42D1-AC33-C5F60FF1C865",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4\\/4m:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96CB43B7-7CA2-4B8A-98D9-377F615F61E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4_plus\\/m_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DBBC2B-C054-46AD-9ABD-249216ED513F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "659DFCA6-CF7D-4982-913B-6BF1B3DC5F5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4000n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02138F3E-4F3C-4607-BBB1-98D09B3C7F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6DC20-0757-4CF8-AB85-265C5264630F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "549105CC-BA47-4C39-8B8A-9CAC39266B30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4100_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE20791A-6CDA-46D0-8149-82F7D21662BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4100mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75525D7F-A881-4199-B44D-8E2D1B4809FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4993667F-9DE8-4DC9-90B1-A6D3AB6BFB0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4200dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED01DD0-7485-48E8-96E1-598DA0981525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4200ln:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BCFB30-7322-4ABE-9529-CC10DA54F752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4240:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23DD9E6F-1F64-4643-B8E5-B3CAB5F961B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4240n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42459D1C-B860-4622-BA74-C6AF5446D644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4250:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F315232A-2DBB-4BE6-AB1E-0CCB327E19E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4250:20080319_08.015.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D180CB2E-F05A-4B9C-837B-605A00086A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B4B141B-3358-469D-8331-88C5924763EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4345_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADF801E-6D02-4CDF-AA6F-9F272D341E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4345mfp:20081211_09.131.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27CB3F95-8653-4CDB-BD81-53CA6D126512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4350:*:*:*:*:*:*:*:*",
"matchCriteriaId": "850BE715-BC0F-4873-9A72-6AED6259FF22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4350:20080319_08.015.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B03FD53-A1CA-4BD4-A87A-520D9782CEE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4350dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECA83D8E-3D70-4021-B9FD-F97BC8C92039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4650dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2681DAAE-9DD4-4F25-B947-C676F868B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4l\\/ml:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7085C4E6-A34F-49E6-99EE-547861A25098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4m_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B0F639A-C9F6-41E4-83BD-8097659ABEDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4p\\/mp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B67CAF7-6CDC-4074-BE55-2D898F1CF3EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4si:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31DD8C9E-1738-456D-A22C-CB0C760E3712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4v\\/mv:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05A010D1-588F-4EC5-9BE2-ADA22D399D5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93BAAE8B-718E-4C6D-BAED-3F435D1C66A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5\\/m\\/n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26BD8388-3357-435C-8430-9D6CFE52D65A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_500_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F132B58-AF99-4E26-BEFB-C970AC9FCBB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D220CD8-FB19-424D-B223-101098BE9088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5000:r.25.15:*:*:*:*:*:*:*",
"matchCriteriaId": "157C92C4-2217-4A53-B70D-16D2171E7ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5000:r.25.47:*:*:*:*:*:*:*",
"matchCriteriaId": "776C077B-32E5-45AD-866C-9C7FBEDF9631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0F236F-7EC3-440B-8FF4-362729EF0807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5100:v.29.12:*:*:*:*:*:*:*",
"matchCriteriaId": "D29E506F-B2B1-466C-9DAA-C8DFB643F036",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5100dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99A1E2E0-6832-4DE2-B793-BC8B2F3BF431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "977F2612-D1DE-4EAD-99ED-CF6FFD1D5B2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5l:*:*:*:*:*:*:*:*",
"matchCriteriaId": "212422DE-F76F-4418-89E5-B3826047A852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5m:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78907BCD-E0C8-44A0-85B7-0B5148AA8AD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5p\\/mp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76199C42-EF30-4F0B-9D7E-5C546001888E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5si:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8D6D65-3CA2-41E8-A8F8-B7C7BC24F962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1072358B-3C6C-45EB-83B0-22833A96741A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC8DA70-8669-4522-BEF7-C4595E142467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94DFDFD-0CEA-4EC5-8E7D-0548DCAE5563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8150dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24852945-2734-468C-8DC7-5C9EBF2301FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54C64CAE-6CC4-4B92-9364-F982CDF47F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9000_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F0E00FE-F3DB-45C2-81AE-D7189559BD42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9000mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81556F50-ED68-4774-A208-E16286BC2F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D74F55-65F6-4328-B553-2756A75B777E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA65ABF-3241-48B5-B89A-031B09B8C129",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEA0FE9-F42F-4ECC-92E4-E404545CB0CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040mfp:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A03C331E-BCF9-4226-ACB5-4CA4C85847F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F1FEDCF-C604-49B3-B748-03BE3193792E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D06ADE7A-F615-475F-A6FB-977D51C8BD3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDA57B8-2AD5-45EF-9824-E60EBFF71D86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2623A6-2DA1-4877-A5D8-3C9001FDC648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050mfp:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3919FF01-7E93-4F35-826D-542DFD6E85B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9055:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7381DEDB-71A9-4882-B9DA-AFDC31D907C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9065:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F48F4812-7441-428B-B44A-E85AC64330D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9755F699-E5F7-424C-B84A-119E19A1E413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9500mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B8D80A-5E64-4ADD-98F7-2CD913EF151B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_ii:*:*:*:*:*:*:*:*",
"matchCriteriaId": "502E0F4F-8103-431C-BDCD-07FAA44DB035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F17C5B7-FFE3-4FE6-A4AD-3EABCF9FCE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iii:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0EC84F-57BB-44D0-A05D-67AE5CD6652B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iiid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DA3E91-824D-4167-9990-8CED8E247DBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iiip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B46B3AA1-0D4D-418B-A36B-2B38F642F798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iiisi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5EE77A-D014-4366-8D5B-251D09CC2DFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "040C7DA9-9FF6-4772-82D4-2ED2BE01D8C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iip_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD91F67B-C52F-4AED-8E02-B955F495BD8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m1522n_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8D0A1B-4F76-4403-B18E-464C33169CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m3027_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE95CC32-07DA-473D-BDAC-347B137E582A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m3035_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC3DE1F-AA79-4FE8-B634-368BDF14C0B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m4345_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34E2ECB0-2335-4ABD-8326-CF935E8C4C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m5025_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55C69873-A989-4B66-8D28-67A260EC7A4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m5035_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEEA9582-8E01-41D3-A4D0-FA7BB2C98CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46628FAF-9819-4A6F-93BD-39E0650930E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1005:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8C243A3-FA2C-414D-9530-CF50E65A6D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1006:*:*:*:*:*:*:*:*",
"matchCriteriaId": "169C56AB-5565-4A4A-B298-B1FAC40D23CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1007:*:*:*:*:*:*:*:*",
"matchCriteriaId": "931B6ACB-81B3-4406-834B-DFA85FC8871A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1008:*:*:*:*:*:*:*:*",
"matchCriteriaId": "641D5E03-1FCD-4404-A37B-586262DCF863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1009:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F8AA6A9-855C-436C-AE9D-217598516DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69DEDFF4-B9B1-4B31-BE32-1E44C19A5D80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1505:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C4D0A5-B51C-4122-8BB7-705474A1E709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1505n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "049D53B4-920A-4BFC-A007-1DF3648C37A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE3B2A8-ABE6-464B-B9E2-E1122EDEA3B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F52C858-CFB9-4CE0-9C3C-3672F03B1850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2015:*:*:*:*:*:*:*:*",
"matchCriteriaId": "218E5994-4BF9-4B5F-ABAE-0AB85495B8C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2030:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2FCB0F1-6395-4B9E-99C6-9C919C62EB9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF93B01-EEEE-4ACF-B7C0-55F17996543E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p3000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF6E5576-6764-4534-A405-67B01F4018FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p3005:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BED71C7-C0A7-4934-9930-1EC7C5A96584",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "612ACC73-A274-46B1-AEC6-9EBAF1E38D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4014:*:*:*:*:*:*:*:*",
"matchCriteriaId": "222D062D-1F47-4E21-9173-A5AFEEF66482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4015:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFBC095-00B6-48D7-AC0A-C172DD3A550B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D468AA7E-BA93-4523-B6AA-B542E714A17F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4510:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D87FDEEF-E459-4C0E-AA61-6DE9E2D73234",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access."
},
{
"lang": "es",
"value": "El HP Embedded Web Server (EWS) en HP LaserJet Printers, Edgeline Printers, y Digital Senders no tiene contrase\u00f1a de administraci\u00f3n por defecto, lo que facilita a atacantes remotos el obtener acceso."
}
],
"id": "CVE-2009-0941",
"lastModified": "2024-11-21T01:01:17.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-03-18T21:00:00.390",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"source": "cve@mitre.org",
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0754"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-11-17 16:00
Modified
2024-11-21 01:20
Severity ?
Summary
The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | 9000 | * | |
| hp | color_laserjet_mfp | * | |
| hp | laserjet_4100 | * | |
| hp | laserjet_4200 | * | |
| hp | laserjet_4300 | * | |
| hp | laserjet_5100 | * | |
| hp | laserjet_8150 | * | |
| hp | laserjet_mfp | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:9000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF8B3AD7-0806-4A30-82A5-3C82C740CAEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8AB31A9-1978-47B9-B3E6-A596C429C190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "549105CC-BA47-4C39-8B8A-9CAC39266B30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4993667F-9DE8-4DC9-90B1-A6D3AB6BFB0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B4B141B-3358-469D-8331-88C5924763EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0F236F-7EC3-440B-8FF4-362729EF0807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94DFDFD-0CEA-4EC5-8E7D-0548DCAE5563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7597BC26-E540-4FAF-AEAA-38DA4D09191C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device\u0027s filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack."
},
{
"lang": "es",
"value": "La configuraci\u00f3n por defecto del valor PJL Access en las opciones de File System External Access de las impresoras HP LaserJet MFP, Color LaserJet MFP, LaserJet 4100, 4200, 4300, 5100, 8150, y 9000, activan los comandos PJL que usa el sistema de archivos del dispositivo, lo que permite a atacantes remotos la lectura de archivos de su elecci\u00f3n a trav\u00e9s de un comando en el trabajo activo como se ha demostrado con un ataque de salto de directorio."
}
],
"id": "CVE-2010-4107",
"lastModified": "2024-11-21T01:20:15.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-11-17T16:00:02.623",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42238"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://securityreason.com/securityalert/8328"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://securitytracker.com/id?1024741"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.exploit-db.com/exploits/15631"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.nruns.com/_downloads/SA-2010%20003-Hewlett-Packard.pdf"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securityfocus.com/bid/44882"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2987"
},
{
"source": "hp-security-alert@hp.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024741"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.exploit-db.com/exploits/15631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nruns.com/_downloads/SA-2010%20003-Hewlett-Packard.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/44882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63261"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}