Detections
Analytics
HP MFP Digital Sending Software 4.9x <= 4.91.21 Local Workflow Metadata Information Disclosure
low Nessus Plugin ID 56651
Language:
Synopsis
The remote Windows host contains an application affected by a local information disclosure vulnerability.Description
The remote Windows host contains a version of HP MFP Digital Sending Software version 4.9x that's 4.91.21 or earlier. It is reportedly affected by a local information disclosure vulnerability that could result in disclosure of personal information in workflow metadata.Solution
Install HP MFP Digital Sending Software version 4.20.Note that, while 4.9x represents a re-architecture of HP MFP Digital Signing Software 4.20 to enable support for FutureSmart devices, the only fix HP currently provides is to move to 4.20 from the 4.9x release branch.
See Also
https://www.securityfocus.com/archive/1/520162/30/0/threaded
Plugin Details
Severity: Low
ID: 56651
File Name: hp_mfp_dss_4_20.nasl
Version: 1.6
Type: local
Agent: windows
Family: Windows
Published: 10/26/2011
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.4
CVSS v2
Risk Factor: Low
Base Score: 1.2
Temporal Score: 0.9
Vector: CVSS2#AV:L/AC:H/Au:N/C:P/I:N/A:N
Vulnerability Information
CPE: cpe:/a:hp:multifunction_peripheral_digital_sending_software
Required KB Items: SMB/HP_MFP_DSS/Version
Exploit Ease: No known exploits are available
Patch Publication Date: 10/20/2011
Vulnerability Publication Date: 10/20/2011
Reference Information
CVE: CVE-2011-3163
BID: 50297