Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-3965
HistoryJan 14, 2022 - 8:15 p.m.

CVE-2021-3965

2022-01-1420:15:11
CWE-639
[email protected]
web.nvd.nist.gov
20
hp
designjet
vulnerability
unauthenticated
http requests
print job previews
cve-2021-3965
nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.4%

JSON

Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews.

Affected configurations

NVD
Node
hpdesignjet_t920_cr355aMatch-
AND
hpdesignjet_t920_cr355a_firmwareMatchmry_07_07_04.1
Node
hpdesignjet_t920_cr355bMatch-
AND
hpdesignjet_t920_cr355b_firmwareMatchmry_07_07_04.1
Node
hpdesignjet_t920_cr354aMatch-
AND
hpdesignjet_t920_cr354a_firmwareMatchmry_07_07_04.1
Node
hpdesignjet_t930_l2y22aMatch-
AND
hpdesignjet_t930_l2y22a_firmwareMatchmry_07_07_04.1
Node
hpdesignjet_t930_l2y22bMatch-
AND
hpdesignjet_t930_l2y22b_firmwareMatchmry_07_07_04.1
Node
hpdesignjet_t930_l2y21aMatch-
AND
hpdesignjet_t930_l2y21a_firmwareMatchmry_07_07_04.1
Node
hpdesignjet_t930_l2y21bMatch-
AND
hpdesignjet_t930_l2y21b_firmwareMatchmry_07_07_04.1
Node
hpdesignjet_t1530_l2y24aMatch-
AND
hpdesignjet_t1530_l2y24a_firmwareMatchmry_07_07_04.1
Node
hpdesignjet_t1530_l2y24b_firmwareMatchmry_07_07_04.1
AND
hpdesignjet_t1530_l2y24bMatch-
Node
hpdesignjet_t1530_l2y23a_firmwareMatchmry_07_07_04.1
AND
hpdesignjet_t1530_l2y23aMatch-
Node
hpdesignjet_t2530_l2y25a_firmwareMatchmry_07_07_04.1
AND
hpdesignjet_t2530_l2y25aMatch-
Node
hpdesignjet_t2530_l2y26a_firmwareMatchmry_07_07_04.1
AND
hpdesignjet_t2530_l2y26aMatch-
Node
hpdesignjet_t2530_l2y26b_firmwareMatchmry_07_07_04.1
AND
hpdesignjet_t2530_l2y26bMatch-
Node
hpdesignjet_t3500_b9e24a_firmwareMatchaeneas_04_09_06.1
AND
hpdesignjet_t3500_b9e24aMatch-
Node
hpdesignjet_t3500_b9e24b_firmwareMatchaeneas_04_09_06.1
AND
hpdesignjet_t3500_b9e24bMatch-
Node
hpdesignjet_t3500_b9e25a_firmwareMatchaeneas_04_09_06.1
AND
hpdesignjet_t3500_b9e25aMatch-
Node
hpdesignjet_z6800_f2s72a_firmwareMatchptr8_03_07_06.1
AND
hpdesignjet_z6800_f2s72aMatch-
Node
hpdesignjet_z6800_f2s72ar_firmwareMatchptr8_03_07_06.1
AND
hpdesignjet_z6800_f2s72arMatch-
Node
hpdesignjet_z6800_f2s72b_firmwareMatchptr8_03_07_06.1
AND
hpdesignjet_z6800_f2s72bMatch-
Node
hpdesignjet_z6600_f2s71a_firmwareMatchptr6_03_07_06.1
AND
hpdesignjet_z6600_f2s71aMatch-
Node
hpdesignjet_z6600_f2s71ar_firmwareMatchptr6_03_07_06.1
AND
hpdesignjet_z6600_f2s71arMatch-
Node
hpdesignjet_z6810_2qu12a_firmwareMatchpx8_06_05_02.1
AND
hpdesignjet_z6810_2qu12aMatch-
Node
hpdesignjet_z6810_2qu12b_firmwareMatchpx8_06_05_02.1
AND
hpdesignjet_z6810_2qu12bMatch-
Node
hpdesignjet_z6810_2qu14a_firmwareMatchpx8_06_05_02.1
AND
hpdesignjet_z6810_2qu14aMatch-
Node
hpdesignjet_z6810_2qu14b_firmwareMatchpx8_06_05_02.1
AND
hpdesignjet_z6810_2qu14bMatch-
Node
hpdesignjet_z6610_2qu13b_firmwareMatchpx6_06_05_02.1
AND
hpdesignjet_z6610_2qu13bMatch-
Node
hpdesignjet_z6610_2qu13a_firmwareMatchpx6_06_05_02.1
AND
hpdesignjet_z6610_2qu13aMatch-

CNA Affected

[
  {
    "product": "HP DesignJet Printer",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "before MRY_07_07_04.1"
      },
      {
        "status": "affected",
        "version": "before AENEAS_04_09_06.1"
      },
      {
        "status": "affected",
        "version": "before PTR8_03_07_06.1"
      },
      {
        "status": "affected",
        "version": "before PX8_06_05_02.1"
      },
      {
        "status": "affected",
        "version": "before PX6_06_05_02.1"
      }
    ]
  }
]

Related

cvelist 1
nvd 1
prion 1
cvelist
cvelist
CVE-2021-3965
2022-01-14 19:11:42
nvd
nvd
CVE-2021-3965
2022-01-14 20:15:11
prion
prion
Code injection
2022-01-14 20:15:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.4%

JSON
Related for CVE-2021-3965
cvelist1nvd1prion1