Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hpHP Product Security Response TeamHP:C04720842
HistoryJun 19, 2015 - 12:00 a.m.

HPSBPI03360 rev.5 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and MFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of Information

2015-06-1900:00:00
HP Product Security Response Team
support.hp.com
1097

3.4 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

JSON

Potential Security Impact

Remote disclosure of information

VULNERABILITY SUMMARY

A potential security vulnerability has been identified with certain HP LaserJet Printers and MFPs, certain HP OfficeJet Printers and MFPs, and certain HP JetDirect Networking cards using OpenSSL. This is the SSLv3 vulnerability known as “Padding Oracle on Downgraded Legacy Encryption” or “POODLE”, which could be exploited remotely to allow disclosure of information.

RESOLUTION

HP has provided firmware updates for impacted printers as set forth in the table below. To obtain the updated firmware, go to the HP Software and Drivers page for your product and find the firmware update from the list of available software.

Firmware Updates Table

Product Name

|

Model Number

|

Firmware Revision

—|—|—

HP Color LaserJet CP5525

|

CE707A,CE708A,CE709A

|

2305081_000127 (or higher)

HP Color LaserJet Enterprise M552

|

B5L23A

|

2305076_518484 (or higher)

HP Color LaserJet Enterprise M553

|

B5L24A, B5L25A, B5L26A

|

2305076_518484 (or higher)

HP Color LaserJet Enterprise M651

|

CZ255A, CZ256A, CZ257A, CZ258A

|

2305076_518492 (or higher)

HP Color LaserJet Enterprise M750

|

D3L08A, D3L09A, D3L10A

|

2305081_000144 (or higher)

HP Color LaserJet M680

|

CZ250A, CA251A

|

2305076_518489 (or higher)

HP LaserJet Enterprise 500 color MFP M575dn

|

CD644A, CD645A

|

2305076_518499 (or higher)

HP LaserJet Enterprise 500 MFP M525f

|

CF116A, CF117A

|

2305076_518487 (or higher)

HP LaserJet Enterprise 600 M601

|

CE989A, CE990A

|

2305083_000199 (or higher)

HP LaserJet Enterprise 600 M602

|

CE991A, CE992A, CE993A

|

2305083_000199 (or higher)

HP LaserJet Enterprise 600 M603xh

|

CE994A, CE995A, CE996A

|

2305083_000199 (or higher)

HP LaserJet Enterprise 700 color MFP M775 series

|

CC522A, CC523A, CC524A

|

2305076_518498 (or higher)

HP LaserJet Enterprise 700 M712xh

|

CF235A, CF236A, CF238A

|

2305083_000196 (or higher)

HP LaserJet Enterprise 800 color M855

|

A2W77A, A2W78A, A2W79A

|

2305076_518493 (or higher)

HP LaserJet Enterprise 800 color MFP M880

|

A2W76A, A2W75A, D7P70A, D7P71A

|

2305076_518488 (or higher)

HP LaserJet Enterprise Color 500 M551 Series

|

CF081A,CF082A,CF083A

|

2305083_000200 (or higher)

HP LaserJet Enterprise Color flow MFP M575c

|

CD646A

|

2305076_518499 (or higher)

HP LaserJet Enterprise flow M830z MFP

|

CF367A

|

2305076_518490 (or higher)

HP LaserJet Enterprise flow MFP M525c

|

CF118A

|

2305076_518487 (or higher)

HP LaserJet Enterprise Flow MFP M630z

|

B3G85A

|

2305076_518483 (or higher)

HP LaserJet Enterprise M4555 MFP

|

CE503A, CE504A, CE738A

|

2305083_000222 (or higher)

HP Color LaserJet CM4540 MFP

|

CC419A, CC420A, CC421A

|

2305083_000206 (or higher)

HP LaserJet Enterprise M604

|

E6B67A, E6B68A

|

2305076_518485 (or higher)

HP LaserJet Enterprise M605

|

E6B69A, E6B70A. E6B71A

|

2305076_518485 (or higher)

HP LaserJet Enterprise M606

|

E6B72A, E6B73A

|

2305076_518485 (or higher)

HP LaserJet Enterprise M806

|

CZ244A, CZ245A

|

2305081_000143 (or higher)

HP LaserJet Enterprise MFP M630

|

J7X28A

|

2305076_518483 (or higher)

HP LaserJet Enterprise MFP M725

|

CF066A, CF067A, CF068A, CF069A

|

2305076_518496 (or higher)

HP Scanjet Enterprise 8500FN1 Document Capture Workstation

|

L2717A

|

2305076_518479 (or higher)

HP OfficeJet Enterprise Color X555

|

C2S11A, C2S12A

|

2305076_518491 (or higher)

HP OfficeJet Enterprise Color MFP X585

|

B5L04A, B5L05A,B5L07A

|

2305076_518486 (or higher)

HP LaserJet P3005

|

Q7812A

|

02.190.3 (or higher)

HP Color LaserJet CP3505

|

CB442A

|

03.160.2 (or higher)

HP LaserJet 5200L

|

Q7543A

|

08.241.0 (or higher)

HP LaserJet 5200N

|

Q7543A

|

08.241.0 (or higher)

HP LaserJet 4240

|

Q7785A

|

08.250.2 (or higher)

HP LaserJet 4250

|

Q5400A

|

08.250.2 (or higher)

HP LaserJet 4350

|

Q5407A

|

08.250.2 (or higher)

HP LaserJet 9040

|

Q7697A, Q7698A, Q7699A

|

08.260.3 (or higher)

HP LaserJet 9050

|

Q7697A, Q3721A, Q3722A, Q3723A, Q3723V

|

08.260.3 (or higher)

HP LaserJet 9040 Multifunction Printer

|

Q3721A, Q3726A

|

08.290.2 (or higher)

HP LaserJet 9050 Multifunction Printer

|

Q3721A, Q3728A

|

08.290.2 (or higher)

HP 9200c Digital Sender

|

Q5916A

|

09.271.3 (or higher)

HP LaserJet 4345 Multifunction Printer

|

Q3942A

|

09.310.2 (or higher)

HP LaserJet P2055 Printer

|

CE456A, CE457A, CE459A, CE460A,

|

20141201 (or higher)

HP Color LaserJet 3000

|

Q7534A

|

46.080.2 (or higher)

HP Color LaserJet 3800

|

Q5981A

|

46.080.8 (or higher)

HP Color LaserJet 4700

|

Q7492A

|

46.230.6 (or higher)

HP Color LaserJet CP4005

|

CB503A

|

46.230.6 (or higher)

HP Color LaserJet 4730 Multifunction Printer

|

Q7517A

|

46.380.3 (or higher)

HP LaserJet Pro 200 color Printer M251n, nw

|

CF146A, CF147A

|

20150112 (or higher)

HP LaserJet Pro 500 color MFP M570dn, dw

|

CZ271A, CZ272A

|

20150112 (or higher)

HP LaserJet Pro M521dn, dw MFP

|

A8P79A, A8P80A

|

20150112 (or higher)

HP Color LaserJet Pro MFP M476dn, dw, nw

|

CF385A, CF386A, CF387A

|

20150112 (or higher)

HP LaserJet Pro 400 MFP M425dn, dw

|

CF286A, CF28A

|

20150112 (or higher)

HP LaserJet Pro 200 color MFP M276n, nw

|

CF144A, CF145A

|

20150112 (or higher)

HP LaserJet Pro 400 M401a, d, dn, dne, dw, n

|

CF270A, CF274A, CF278A, CF399A, CF285A, CZ195A

|

20150112 (or higher)

HP LaserJet Pro P1566 Printer

|

CE663A, CE749A

|

20150116 (or higher)

HP LaserJet Pro 300 Color MFP M375nw

|

CE903A

|

20150126 (or higher)

HP LaserJet Pro 400 Color MFP M475dn, dw

|

CE863A, CE864A

|

20150126 (or higher)

HP TopShot LaserJet Pro M275 MFP

|

CF040A

|

20150126 (or higher)

HP LaserJet 300 color M351a

|

CE955A

|

20150126 (or higher)

HP LaserJet 400 color M451dn, dw, nw

|

CE956A, CE957A, CE958A

|

20150126 (or higher)

HP LaserJet Pro MFP M125a

|

CZ172A

|

20150214 (or higher)

HP LaserJet Pro MFP M126a

|

CZ174A

|

20150215 (or higher)

HP LaserJet Pro MFP M125nw

|

CZ173A

|

20150228 (or higher)

HP LaserJet Pro MFP M126nw

|

CZ175A

|

20150228 (or higher)

HP LaserJet Pro MFP M127fn, fw

|

CZ181A, CZ183A

|

20150228 (or higher)

HP LaserJet Pro MFP M128fn, fp, fw

|

CZ184A, CZ185A, CZ186A

|

20150228 (or higher)

HP Color LaserJet Pro MFP M176n, fw

|

CF547A, CZ165A

|

20150228 (or higher)

HP LaserJet Pro P1102, w

|

CE651A, CE658A

|

20150313 (or higher)

HP LaserJet Pro P1106

|

CE653A

|

20150313 (or higher)

HP LaserJet Pro P1108

|

CE655A

|

20150313 (or higher)

LaserJet Pro M435nw MFP

|

A3E42A

|

20150316 (or higher)

HP LaserJet Pro M701a, n

|

B6S00A, B6S01A

|

20150316 (or higher)

HP LaserJet Pro M706n

|

B6S02A

|

20150316 (or higher)

HP LaserJet Professional M1212nf MFP

|

CE841A

|

20150405 (or higher)

HP LaserJet Professional M1213nf MFP

|

CE845A

|

20150405 (or higher)

HP LaserJet Professional M1214nfh MFP

|

CE843A

|

20150405 (or higher)

HP LaserJet Professional M1216nfh MFP

|

CE842A

|

20150405 (or higher)

HP LaserJet Professional M1217nfw MFP

|

CE844A

|

20150405 (or higher)

HP HotSpot LaserJet Pro M1218nfs MFP

|

B4K88A

|

20150405 (or higher)

HP LaserJet Professional M1219nf MFP

|

CE846A

|

20150405 (or higher)

HP LaserJet Pro CP1025, nw

|

CE913A, CE914A, CF346A, CF346A

|

20150413 (or higher)

HP Officejet Pro X451dn Printer

|

CN459A

|

BNP1CN1502AR (or higher)

HP Officejet Pro X451dw Printer

|

CN463A

|

BWP1CN1502AR (or higher)

HP Officejet Pro X551dw Printer

|

CV037A

|

BZP1CN1502AR (or higher)

HP Officejet Pro X476dn MFP

|

CN460A

|

LNP1CN1502BR (or higher)

HP Officejet Pro X476dw MFP

|

CN461A

|

LWP1CN1502BR (or higher)

HP Officejet Pro X576dw MFP

|

CN598A

|

LZP1CN1502BR (or higher)

HP Officejet Pro 276dw MFP

|

CR770A

|

FRP1CN1517AR (or higher)

HP Officejet Pro 8610/15/16 e-All-in-One Printer

|

A7F64A, D7Z36A, J5T77A

|

FDP1CN1502AR (or higher)

HP Officejet Pro 8620/25 e-All-in-One Printer

|

A7F65A, D7Z37A

|

FDP1CN1502AR (or higher)

HP Officejet Pro 8630 e-All-in-One Printer

|

A7F66A

|

FDP1CN1502AR (or higher)

HP Jetdirect 620n EIO Card

|

J7934G

|

V29.26 (or higher)

HP Jetdirect ew2500 802.11b/g Wireless Print Server

|

J8021A

|

V41.16 (or higher)

HP Jetdirect 690n EIO Card

|

J8007A

|

V41.16 (or higher)

HP Jetdirect 635n EIO Card

|

J7961G

|

V41.16 (or higher)

HP Jetdirect 695n EIO Card

|

J8024A

|

V41.16 (or higher)

HP Jetdirect 640n EIO Card

|

J8025A

|

V45.35 (or higher)

HP Color LaserJet CP3525

|

CC468A, CC469A, CC470A, CC471A

|

06.240.2 (or higher)

HP LaserJet M4345 Multifunction Printer

|

CB425A, CB426A, CB427A, CB428A

|

48.362.6 (or higher)

HP LaserJet M5025 Multifunction Printer

|

Q7840A

|

48.362.6 (or higher)

HP Color LaserJet CM6040 Multifunction Printer

|

Q3938A, Q3939A

|

52.312.2 (or higher)

HP Color LaserJet Enterprise CP4525

|

CC493A, CC494A, CC495A

|

07.220.2 (or higher)

HP Color LaserJet Enterprise CP4025

|

CC489A, CC490A

|

07.220.2 (or higher)

HP LaserJet M5035 Multifunction Printer

|

Q7829A, Q7830A, Q7831A

|

48.362.6 (or higher)

HP LaserJet M9050 Multifunction Printer

|

CC395A

|

51.312.3 (or higher)

HP LaserJet M9040 Multifunction Printer

|

CC394A

|

51.312.3 (or higher)

HP Color LaserJet CM4730 Multifunction Printer

|

CB480A, CB481A, CB482A, CB483A

|

50.343.3 (or higher)

HP LaserJet M3035 Multifunction Printer

|

CB414A, CB415A, CC476A, CC477A

|

48.362.6 (or higher)

HP 9250c Digital Sender

|

CB472A

|

48.340.1 (or higher)

HP LaserJet Enterprise P3015

|

CE525A,CE526A,CE527A,CE528A,CE595A

|

07.240.7 (or higher)

HP LaserJet M3027 Multifunction Printer

|

CB416A, CC479A

|

48.362.6 (or higher)

HP LaserJet CM3530 Multifunction Printer

|

CC519A, CC520A

|

53.292.2 (or higher)

HP Color LaserJet CP6015

|

Q3931A, Q3932A, Q3933A, Q3934A, Q3935A

|

04.250.1 (or higher)

HP LaserJet P4515

|

CB514A,CB515A, CB516A, CB517A

|

04.260.1 (or higher)

HP Color LaserJet CM6030 Multifunction Printer

|

CE664A, CE665A

|

52.312.2 (or higher)

HP LaserJet P4015

|

CB509A, CB526A, CB511A, CB510A

|

04.260.1 (or higher)

HP LaserJet P4014

|

CB507A, CB506A, CB512A

|

04.260.1 (or higher)

Related

ibm 99
fedora 19
openvas 16
redhat 2
nessus 45
suse 1
centos 1
cisco 1
seebug 1
osv 1
amazon 2
cert 1
hackerone 1
f5 1
citrix 1
veracode 1
checkpoint_advisories 1
debian 2
mageia 1
virtuozzo 1
cve 1
arista 1
ibm
ibm
Security Bulletin: Vulnerability in SSLv3 affects IBM Integration Designer and WebSphere Integration Developer (CVE-2014-3566)
2018-06-15 07:02:06
Security Bulletin: Vulnerability in SSLv3 affects IBM Rational ClearQuest (CVE-2014-3566)
2018-09-29 18:04:03
Security Bulletin: Vulnerability in SSLv3 affects Algo Credit Administrator (CVE-2014-3566)
2018-06-15 22:33:45
fedora
fedora
[SECURITY] Fedora 19 Update: libetpan-1.6-1.fc19
2015-01-05 07:36:19
[SECURITY] Fedora 22 Update: fossil-1.33-1.fc22
2015-10-15 03:51:23
[SECURITY] Fedora 19 Update: python-rhsm-1.13.6-1.fc19
2014-11-07 02:33:12
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2014-429)
2015-09-08 00:00:00
Fedora Update for nodejs FEDORA-2014-15411
2015-01-05 00:00:00
Fedora Update for asterisk FEDORA-2014-15621
2015-01-05 00:00:00
redhat
redhat
(RHSA-2014:1653) Moderate: openssl security update
2014-10-16 00:00:00
(RHSA-2015:1546) Important: node.js security update
2015-08-04 00:00:00
nessus
nessus
AIX 6.1 TL 8 : nettcp (IV73416) (POODLE)
2015-06-19 00:00:00
FreeBSD : asterisk -- Asterisk Susceptibility to POODLE Vulnerability (76c7a0f5-5928-11e4-adc7-001999f8d30b) (POODLE)
2014-10-22 00:00:00
AIX 7.1 TL 2 : nettcp (IV73974) (POODLE)
2015-06-19 00:00:00
suse
suse
Security update for suseRegister (important)
2015-01-05 21:04:43
centos
centos
openssl security update
2014-10-16 15:21:39
cisco
cisco
SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
2014-10-15 18:30:00
seebug
seebug
SSL 3.0 POODLE(CVE-2014-3566)
2017-02-17 00:00:00
osv
osv
lighttpd - security update
2015-07-25 00:00:00
amazon
amazon
Important: openssl
2014-10-14 22:32:00
Important: nss
2014-10-16 22:14:00
cert
cert
POODLE vulnerability in SSL 3.0
2014-10-17 00:00:00
hackerone
hackerone
New Relic: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
2017-03-26 19:08:23
f5
f5
K15702 : SSLv3 vulnerability CVE-2014-3566
2015-09-18 00:00:00
citrix
citrix
CVE-2014-3566 - Citrix Security Advisory for SSLv3 Protocol Flaw
2014-10-14 04:00:00
veracode
veracode
Information Disclosure
2017-02-07 00:05:45
checkpoint_advisories
checkpoint_advisories
Secure Socket Layer (SSL) Version 3.0 (CVE-2014-3566)
2014-10-15 00:00:00
debian
debian
[SECURITY] [DSA 3489-1] lighttpd security update
2016-02-23 18:26:27
[SECURITY] [DLA 282-1] lighttpd security update
2015-07-25 14:29:15
mageia
mageia
Updated ruby-httpclient package enables SSL negotiation
2014-11-26 20:29:06
virtuozzo
virtuozzo
Important product update: Virtuozzo PowerPanel RTM Hotfix 3 (7.0.1-415)
2017-09-20 00:00:00
cve
cve
CVE-2014-3566
2014-10-15 00:55:00
arista
arista
Security Advisory 0007
2014-10-20 00:00:00

3.4 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

JSON
Related for HP:C04720842
ibm99fedora19openvas16redhat2nessus45suse1centos1cisco1seebug1osv1amazon2cert1hackerone1f51citrix1veracode1checkpoint_advisories1debian2mageia1virtuozzo1cve1arista1