Detections
Analytics

HP LaserJet Printers Multiple Vulnerabilities

medium Nessus Plugin ID 70453

Language:

Synopsis

The remote printer is potentially affected by multiple vulnerabilities.

Description

The remote HP printer is potentially affected by the following vulnerabilities :

 - Weak encryption of PDF documents may allow attackers to gain access to sensitive information. (CVE-2013-4828)

 - Local disclosure of scanned documents via unspecified vectors. (CVE-2013-4829)

Solution

Upgrade the firmware in accordance with the vendor's advisory.

See Also

http://www.nessus.org/u?8ad32712

Plugin Details

Severity: Medium

ID: 70453

File Name: hp_laserjet_hpsbpi02892.nbin

Version: 1.69

Type: remote

Family: Misc.

Published: 10/16/2013

Updated: 5/20/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/h:hp:laserjet_m525f, cpe:/h:hp:color_laserjet_m775z%2b, cpe:/h:hp:laserjet_m525dn, cpe:/h:hp:laserjet_enterprise_color_flow_m575c, cpe:/h:hp:laserjet_m725dn, cpe:/h:hp:laserjet_m4555f, cpe:/h:hp:laserjet_m4555h, cpe:/h:hp:color_laserjet_m775z, cpe:/h:hp:laserjet_flow_m525c, cpe:/h:hp:laserjet_m725z%2b, cpe:/h:hp:color_laserjet_m575f, cpe:/h:hp:laserjet_m725f, cpe:/h:hp:color_laserjet_m575dn, cpe:/h:hp:laserjet_m4555fskm, cpe:/h:hp:laserjet_m725z, cpe:/h:hp:color_laserjet_m775f, cpe:/h:hp:color_laserjet_m775dn, cpe:/h:hp:laserjet_m4555

Exploit Ease: No known exploits are available

Patch Publication Date: 9/14/2013

Vulnerability Publication Date: 10/3/2013

Reference Information

CVE: CVE-2013-4828, CVE-2013-4829

BID: 62813, 62814