CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
19.0%
A potential security vulnerability has been identified with certain HP InkJet printers. The vulnerability could be exploited to allow cross-site scripting (XSS). Affected products and versions include: HP DeskJet 2600 All-in-One Printer series model numbers 4UJ28B, V1N01A - V1N08A, Y5H60A - Y5H80A; HP DeskJet Ink Advantage 2600 All-in-One Printer series model numbers V1N02A - V1N02B, Y5Z00A - Y5Z04B; HP DeskJet Ink Advantage 5000 All-in-One Printer series model numbers M2U86A - M2U89B; HP DeskJet Ink Advantage 5200 All-in-One Printer series model numbers M2U76A - M2U78B; HP ENVY 5000 All-in-One Printer series model numbers M2U85A - M2U85B, M2U91A - M2U94B, Z4A54A - Z4A74A; HP ENVY Photo 6200 All-in-One Printer series model numbers K7G18A-K7G26B, K7S21B, Y0K13D - Y0K15A; HP ENVY Photo 7100 All-in-One Printer series model numbers 3XD89A, K7G93A-K7G99A, Z3M37A - Z3M52A; HP ENVY Photo 7800 All-in-One Printer series model numbers K7R96A, K7S00A - K7S10D, Y0G42D - Y0G52B; HP Ink Tank Wireless 410 series model numbers Z4B53A - Z4B55A, Z6Z95A - Z6Z99A, 4DX94A - 4DX95A, 4YF79A, Z7A01A; HP OfficeJet 5200 All-in-One Printer series model numbers M2U75A, M2U81A-M2U84B, Z4B12A - Z4B14A, Z4B27A - Z4B29A; HP Smart Tank Wireless 450 series model numbers Z4B56A, Z6Z96A - Z6Z98A.
Vendor | Product | Version | CPE |
---|---|---|---|
hp | deskjet_2600_4uj28b_firmware | * | cpe:2.3:o:hp:deskjet_2600_4uj28b_firmware:*:*:*:*:*:*:*:* |
hp | deskjet_2600_4uj28b | - | cpe:2.3:h:hp:deskjet_2600_4uj28b:-:*:*:*:*:*:*:* |
hp | deskjet_2600_v1n01a_firmware | * | cpe:2.3:o:hp:deskjet_2600_v1n01a_firmware:*:*:*:*:*:*:*:* |
hp | deskjet_2600_v1n01a | - | cpe:2.3:h:hp:deskjet_2600_v1n01a:-:*:*:*:*:*:*:* |
hp | deskjet_2600_v1n08a_firmware | * | cpe:2.3:o:hp:deskjet_2600_v1n08a_firmware:*:*:*:*:*:*:*:* |
hp | deskjet_2600_v1n08a | - | cpe:2.3:h:hp:deskjet_2600_v1n08a:-:*:*:*:*:*:*:* |
hp | deskjet_2600_y5h60a_firmware | * | cpe:2.3:o:hp:deskjet_2600_y5h60a_firmware:*:*:*:*:*:*:*:* |
hp | deskjet_2600_y5h60a | - | cpe:2.3:h:hp:deskjet_2600_y5h60a:-:*:*:*:*:*:*:* |
hp | deskjet_2600_y5h80a_firmware | * | cpe:2.3:o:hp:deskjet_2600_y5h80a_firmware:*:*:*:*:*:*:*:* |
hp | deskjet_2600_y5h80a | - | cpe:2.3:h:hp:deskjet_2600_y5h80a:-:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
19.0%