Lucene search

MitreCVE-2004-2439

HistoryAug 20, 2005 - 4:00 a.m.

CVE-2004-2439

2005-08-2004:00:00

mitre

web.nvd.nist.gov

laserjet

printers

firmware

upgrade

security vulnerability

cve-2004-2439

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.6

Confidence

High

EPSS

0.007

Percentile

79.9%

JSON

The remote upgrade capability in HP LaserJet 4200 and 4300 printers does not require a password, which allows remote attackers to upgrade firmware.

Affected configurations

Nvd

Node

hpcolor_laserjetMatch4650

hpcolor_laserjetMatch5500

hpcolor_laserjetMatch5550

hpcolor_laserjet_4600

hplaserjet_2500

hplaserjet_3000

hplaserjet_3700

hplaserjet_4100_mfp

hplaserjet_4200

hplaserjet_4300

hplaserjet_9000

hplaserjet_9000_mfp

hplaserjet_9040_mpf

hplaserjet_9050

hplaserjet_9050_mpf

hplaserjet_9055

hplaserjet_9065

hplaserjet_9500

hplaserjet_9500_mpf

VendorProductVersionCPE
hpcolor_laserjet4650cpe:2.3:h:hp:color_laserjet:4650:*:*:*:*:*:*:*
hpcolor_laserjet5500cpe:2.3:h:hp:color_laserjet:5500:*:*:*:*:*:*:*
hpcolor_laserjet5550cpe:2.3:h:hp:color_laserjet:5550:*:*:*:*:*:*:*
hpcolor_laserjet_4600*cpe:2.3:h:hp:color_laserjet_4600:*:*:*:*:*:*:*:*
hplaserjet_2500*cpe:2.3:h:hp:laserjet_2500:*:*:*:*:*:*:*:*
hplaserjet_3000*cpe:2.3:h:hp:laserjet_3000:*:*:*:*:*:*:*:*
hplaserjet_3700*cpe:2.3:h:hp:laserjet_3700:*:*:*:*:*:*:*:*
hplaserjet_4100_mfp*cpe:2.3:h:hp:laserjet_4100_mfp:*:*:*:*:*:*:*:*
hplaserjet_4200*cpe:2.3:h:hp:laserjet_4200:*:*:*:*:*:*:*:*
hplaserjet_4300*cpe:2.3:h:hp:laserjet_4300:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	color_laserjet	4650	cpe:2.3:h:hp:color_laserjet:4650:::::::*
hp	color_laserjet	5500	cpe:2.3:h:hp:color_laserjet:5500:::::::*
hp	color_laserjet	5550	cpe:2.3:h:hp:color_laserjet:5550:::::::*
hp	color_laserjet_4600	*	cpe:2.3:h:hp:color_laserjet_4600::::::::
hp	laserjet_2500	*	cpe:2.3:h:hp:laserjet_2500::::::::
hp	laserjet_3000	*	cpe:2.3:h:hp:laserjet_3000::::::::
hp	laserjet_3700	*	cpe:2.3:h:hp:laserjet_3700::::::::
hp	laserjet_4100_mfp	*	cpe:2.3:h:hp:laserjet_4100_mfp::::::::
hp	laserjet_4200	*	cpe:2.3:h:hp:laserjet_4200::::::::
hp	laserjet_4300	*	cpe:2.3:h:hp:laserjet_4300::::::::

Rows per page:

1-10 of 191

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=PSD_HPSBPI01085

securitytracker.com/id?1011671

www.securityfocus.com/bid/11297

exchange.xforce.ibmcloud.com/vulnerabilities/17634

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.6

Confidence

High

EPSS

0.007

Percentile

79.9%

JSON

Related for CVE-2004-2439