Lucene search

[email protected]CVE-2019-6326

HistoryJun 17, 2019 - 4:15 p.m.

CVE-2019-6326

2019-06-1716:15:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2019-6326

color laserjet pro

laserjet pro

mfp

printer

buffer overflow

security

vulnerability

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

40.3%

JSON

HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have embedded web server attributes which may be potentially vulnerable to Buffer Overflow.

CPENameOperatorVersion
hp:t6b80a_firmwarehp t6b80a firmwarelt2019-04-19
hp:t6b83a_firmwarehp t6b83a firmwarelt2019-04-19
hp:t6b81a_firmwarehp t6b81a firmwarelt2019-04-19
hp:t6b82a_firmwarehp t6b82a firmwarelt2019-04-19
hp:w2g54a_firmwarehp w2g54a firmwarelt2019-04-26
hp:w2g55a_firmwarehp w2g55a firmwarelt2019-04-26
hp:y5s53a_firmwarehp y5s53a firmwarelt2019-04-26
hp:y5s55a_firmwarehp y5s55a firmwarelt2019-04-26
hp:y5s50a_firmwarehp y5s50a firmwarelt2019-04-26
hp:y5s54a_firmwarehp y5s54a firmwarelt2019-04-26

CPE	Name	Operator	Version
hp:t6b80a_firmware	hp t6b80a firmware	lt	2019-04-19
hp:t6b83a_firmware	hp t6b83a firmware	lt	2019-04-19
hp:t6b81a_firmware	hp t6b81a firmware	lt	2019-04-19
hp:t6b82a_firmware	hp t6b82a firmware	lt	2019-04-19
hp:w2g54a_firmware	hp w2g54a firmware	lt	2019-04-26
hp:w2g55a_firmware	hp w2g55a firmware	lt	2019-04-26
hp:y5s53a_firmware	hp y5s53a firmware	lt	2019-04-26
hp:y5s55a_firmware	hp y5s55a firmware	lt	2019-04-26
hp:y5s50a_firmware	hp y5s50a firmware	lt	2019-04-26
hp:y5s54a_firmware	hp y5s54a firmware	lt	2019-04-26

References

support.hp.com/us-en/document/c06356322

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

40.3%

JSON

Related for CVE-2019-6326

cvelist1 prion1 hp1 openvas1 threatpost1