Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-0940
HistoryMar 18, 2009 - 9:00 p.m.

CVE-2009-0940

2009-03-1821:00:00
CWE-352
[email protected]
web.nvd.nist.gov
34
cve-2009-0940
cross-site request forgery
csrf
hp
embedded web server
ews
laserjet printers
edgeline printers
digital senders
remote attack
intranet connectivity
network configuration
password change
nvd

7.5 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.7%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config.

Affected configurations

NVD
Node
hp8100c_digital_senderMatch-
OR
hp9100c_digital_senderMatch-
OR
hp9200c_digital_senderMatch-
OR
hp9250c_digital_senderMatch-
OR
hpcolor_laserjet
OR
hpcolor_laserjet_1500
OR
hpcolor_laserjet_2500
OR
hpcolor_laserjet_2500l
OR
hpcolor_laserjet_2500lse
OR
hpcolor_laserjet_2500n
OR
hpcolor_laserjet_2500tn
OR
hpcolor_laserjet_2605dtn
OR
hpcolor_laserjet_4370mfpMatch20081211_46.211.2
OR
hpcolor_laserjet_4600
OR
hpcolor_laserjet_4600dn
OR
hpcolor_laserjet_4600dtn
OR
hpcolor_laserjet_4600hdn
OR
hpcolor_laserjet_4650
OR
hpcolor_laserjet_4700
OR
hpcolor_laserjet_4730_mfp
OR
hpcolor_laserjet_5500
OR
hpcolor_laserjet_5550
OR
hpcolor_laserjet_8500
OR
hpcolor_laserjet_8550
OR
hpcolor_laserjet_9500
OR
hpcolor_laserjet_9500_mfp
OR
hpcolor_laserjet_9500mfpMatch20070719_05.011.2
OR
hpcolor_mfp_cm8050Match--edgeline
OR
hpcolor_mfp_cm8060Match--edgeline
OR
hpdigital_senders
OR
hpedgeline_printers
OR
hplaserjet_1000
OR
hplaserjet_1005
OR
hplaserjet_1010
OR
hplaserjet_1012
OR
hplaserjet_1015
OR
hplaserjet_1018
OR
hplaserjet_1018s
OR
hplaserjet_1020
OR
hplaserjet_1020_plus
OR
hplaserjet_1022
OR
hplaserjet_1022n
OR
hplaserjet_1022nw
OR
hplaserjet_1100
OR
hplaserjet_1150
OR
hplaserjet_1160
OR
hplaserjet_1200
OR
hplaserjet_1300
OR
hplaserjet_1320
OR
hplaserjet_2
OR
hplaserjet_2000
OR
hplaserjet_2100
OR
hplaserjet_2200
OR
hplaserjet_2200dtn
OR
hplaserjet_2300
OR
hplaserjet_2300dn
OR
hplaserjet_2400
OR
hplaserjet_2410Match20070410_08.112.3
OR
hplaserjet_2420Match20070410_08.112.3
OR
hplaserjet_2430
OR
hplaserjet_2430Match20070410_08.112.3
OR
hplaserjet_2500
OR
hplaserjet_2500c
OR
hplaserjet_2600c
OR
hplaserjet_2600n
OR
hplaserjet_3000
OR
hplaserjet_3700
OR
hplaserjet_4
OR
hplaserjet_4\/4m
OR
hplaserjet_4_plus\/m_plus
OR
hplaserjet_4000
OR
hplaserjet_4000n
OR
hplaserjet_4050
OR
hplaserjet_4100
OR
hplaserjet_4100_mfp
OR
hplaserjet_4100mfp
OR
hplaserjet_4200
OR
hplaserjet_4200dtn
OR
hplaserjet_4200ln
OR
hplaserjet_4240
OR
hplaserjet_4240n
OR
hplaserjet_4250
OR
hplaserjet_4250Match20080319_08.015.0
OR
hplaserjet_4300
OR
hplaserjet_4345_mfp
OR
hplaserjet_4345mfpMatch20081211_09.131.1
OR
hplaserjet_4350
OR
hplaserjet_4350Match20080319_08.015.0
OR
hplaserjet_4350dtn
OR
hplaserjet_4650dn
OR
hplaserjet_4l\/ml
OR
hplaserjet_4m_plus
OR
hplaserjet_4p\/mp
OR
hplaserjet_4si
OR
hplaserjet_4v\/mv
OR
hplaserjet_5
OR
hplaserjet_5\/m\/n
OR
hplaserjet_500_plus
OR
hplaserjet_5000
OR
hplaserjet_5000Matchr.25.15
OR
hplaserjet_5000Matchr.25.47
OR
hplaserjet_5100
OR
hplaserjet_5100Matchv.29.12
OR
hplaserjet_5100dtn
OR
hplaserjet_5200
OR
hplaserjet_5l
OR
hplaserjet_5m
OR
hplaserjet_5p\/mp
OR
hplaserjet_5si
OR
hplaserjet_8000
OR
hplaserjet_8100
OR
hplaserjet_8150
OR
hplaserjet_8150dn
OR
hplaserjet_9000
OR
hplaserjet_9000_mfp
OR
hplaserjet_9000mfp
OR
hplaserjet_9040
OR
hplaserjet_9040Match20080204_08.110.0
OR
hplaserjet_9040mfp
OR
hplaserjet_9040mfpMatch20080204_08.110.0
OR
hplaserjet_9050
OR
hplaserjet_9050Match20080204_08.110.0
OR
hplaserjet_9050_mfp
OR
hplaserjet_9050mfp
OR
hplaserjet_9050mfpMatch20080204_08.110.0
OR
hplaserjet_9055
OR
hplaserjet_9065
OR
hplaserjet_9500
OR
hplaserjet_9500mfp
OR
hplaserjet_ii
OR
hplaserjet_iid
OR
hplaserjet_iii
OR
hplaserjet_iiid
OR
hplaserjet_iiip
OR
hplaserjet_iiisi
OR
hplaserjet_iip
OR
hplaserjet_iip_plus
OR
hplaserjet_m1522n_mfp
OR
hplaserjet_m3027_mfp
OR
hplaserjet_m3035_mfp
OR
hplaserjet_m4345_mfp
OR
hplaserjet_m5025_mfp
OR
hplaserjet_m5035_mfp
OR
hplaserjet_p1000
OR
hplaserjet_p1005
OR
hplaserjet_p1006
OR
hplaserjet_p1007
OR
hplaserjet_p1008
OR
hplaserjet_p1009
OR
hplaserjet_p1500
OR
hplaserjet_p1505
OR
hplaserjet_p1505n
OR
hplaserjet_p2000
OR
hplaserjet_p2010
OR
hplaserjet_p2015
OR
hplaserjet_p2030
OR
hplaserjet_p2050
OR
hplaserjet_p3000
OR
hplaserjet_p3005
OR
hplaserjet_p4010
OR
hplaserjet_p4014
OR
hplaserjet_p4015
OR
hplaserjet_p4500
OR
hplaserjet_p4510

Related

nvd 1
cvelist 1
prion 1
nvd
nvd
CVE-2009-0940
2009-03-18 21:00:00
cvelist
cvelist
CVE-2009-0940
2009-03-18 20:35:00
prion
prion
Cross site request forgery (csrf)
2009-03-18 21:00:00

7.5 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.7%

JSON
Related for CVE-2009-0940
nvd1cvelist1prion1