FKIE_CVE-2019-6319
Vulnerability from fkie_nvd - Published: 2020-01-09 20:15 - Updated: 2024-11-21 04:46
Severity ?
Summary
HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration.
References
| URL | Tags | ||
|---|---|---|---|
| hp-security-alert@hp.com | https://support.hp.com/us-en/document/c06308143 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hp.com/us-en/document/c06308143 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:deskjet_3630_f5s43a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFBD372D-FCE4-447F-9653-465B0C117365",
"versionEndExcluding": "swp1fn1912br",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:deskjet_3630_f5s43a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09AAAEF3-3CF8-4F36-BABE-B56131229FFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:deskjet_3630_f5s57a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6168C9-D5E5-4F24-A14B-11B80B2622BC",
"versionEndExcluding": "swp1fn1912br",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:deskjet_3630_f5s57a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93D9144A-FF96-47D6-ACB2-582A4116AC05",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:deskjet_3630_k4t93a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDFBAAC-B829-4C8F-A2AC-494661FA490C",
"versionEndExcluding": "swp1fn1912br",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:deskjet_3630_k4t93a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9892A4-E8B1-44A9-BAD2-BC5CE98945DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:deskjet_3630_k4t99c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13F7E920-0440-479C-9FF4-4227EAD89BA2",
"versionEndExcluding": "swp1fn1912br",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:deskjet_3630_k4t99c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CAC11A2-4040-4CCE-BFD3-D41335F76288",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:deskjet_3630_k4u00b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D13D5B4B-48AA-4DDA-93BD-DFCAB470669C",
"versionEndExcluding": "swp1fn1912br",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:deskjet_3630_k4u00b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6AFF7E-95A6-427E-B34F-BC2C5431732B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:deskjet_3630_k4u03b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D42966CC-8380-4629-8844-634FD4D7A538",
"versionEndExcluding": "swp1fn1912br",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:deskjet_3630_k4u03b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "630AE831-E298-49D9-BACB-840D0DF7D292",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:deskjet_3630_v3f21a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C504B5-4B1B-4AF9-97D7-552F68886BC5",
"versionEndExcluding": "swp1fn1912br",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:deskjet_3630_v3f21a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57874890-AB5F-4263-A7B4-F9DC85C62338",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:deskjet_3630_v3f22a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADBD9412-3EBC-4909-AC29-6345B6484D51",
"versionEndExcluding": "swp1fn1912br",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:deskjet_3630_v3f22a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58D02BB0-D15D-471E-9017-D51C08E7CB92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration."
},
{
"lang": "es",
"value": "HP DeskJet 3630 All-in-One Printers modelos F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B y V3F21A - V3F22A (versi\u00f3n de firmware SWP1FN1912BR o superior), presentan una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) que podr\u00eda conllevar a una denegaci\u00f3n de servicio (DOS) o configuraci\u00f3n inapropiada del dispositivo."
}
],
"id": "CVE-2019-6319",
"lastModified": "2024-11-21T04:46:24.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-09T20:15:11.317",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06308143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hp.com/us-en/document/c06308143"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…