Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
20 vulnerabilities found for laserjet_pro_m404-m405_93m22a_firmware by hp
CVE-2023-35178 (GCVE-0-2023-35178)
Vulnerability from nvd – Published: 2023-06-30 15:54 – Updated: 2024-12-04 17:03
VLAI?
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP LaserJet Pro |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_8651729-8651769-16/hpsbpi03854"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35178",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T17:03:41.388397Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T17:03:50.815Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs."
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T15:54:06.696Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_8651729-8651769-16/hpsbpi03854"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2023-35178",
"datePublished": "2023-06-30T15:54:06.696Z",
"dateReserved": "2023-06-14T15:14:52.289Z",
"dateUpdated": "2024-12-04T17:03:50.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35177 (GCVE-0-2023-35177)
Vulnerability from nvd – Published: 2023-06-30 15:51 – Updated: 2024-12-04 17:03
VLAI?
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP LaserJet Pro |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_8651888-8651916-16/hpsbpi03853"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35177",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T17:03:11.737098Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T17:03:23.089Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser."
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T15:51:43.530Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_8651888-8651916-16/hpsbpi03853"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2023-35177",
"datePublished": "2023-06-30T15:51:43.530Z",
"dateReserved": "2023-06-14T15:14:52.289Z",
"dateUpdated": "2024-12-04T17:03:23.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35176 (GCVE-0-2023-35176)
Vulnerability from nvd – Published: 2023-06-30 15:44 – Updated: 2024-12-04 17:02
VLAI?
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP LaserJet Pro |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_8651671-8651697-16/hpsbpi03852"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35176",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T17:01:20.613808Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T17:02:44.165Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup \u0026 restore feature through the embedded web service on the device."
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T15:44:41.868Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_8651671-8651697-16/hpsbpi03852"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2023-35176",
"datePublished": "2023-06-30T15:44:41.868Z",
"dateReserved": "2023-06-14T15:14:52.289Z",
"dateUpdated": "2024-12-04T17:02:44.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35175 (GCVE-0-2023-35175)
Vulnerability from nvd – Published: 2023-06-30 15:43 – Updated: 2024-12-04 16:12
VLAI?
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP LaserJet Pro |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.603Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_8651322-8651446-16/hpsbpi03851"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35175",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T16:12:34.961490Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T16:12:51.010Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model."
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T15:43:02.451Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_8651322-8651446-16/hpsbpi03851"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2023-35175",
"datePublished": "2023-06-30T15:43:02.451Z",
"dateReserved": "2023-06-14T15:14:52.288Z",
"dateUpdated": "2024-12-04T16:12:51.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27973 (GCVE-0-2023-27973)
Vulnerability from nvd – Published: 2023-04-28 16:00 – Updated: 2025-01-30 19:08
VLAI?
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code Execution.
Severity ?
9.8 (Critical)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP LaserJet Pro |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_7920137-7920161-16/hpsbpi03841"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27973",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:06:15.392119Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:08:03.897Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code Execution."
}
],
"providerMetadata": {
"dateUpdated": "2023-04-28T16:00:55.312Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_7920137-7920161-16/hpsbpi03841"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2023-27973",
"datePublished": "2023-04-28T16:00:55.312Z",
"dateReserved": "2023-03-08T23:10:48.315Z",
"dateUpdated": "2025-01-30T19:08:03.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27972 (GCVE-0-2023-27972)
Vulnerability from nvd – Published: 2023-04-28 15:59 – Updated: 2025-01-30 19:32
VLAI?
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution.
Severity ?
9.8 (Critical)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP LaserJet Pro |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_7920078-7920104-16/hpsbpi03840"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27972",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:30:36.327536Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:32:18.909Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution."
}
],
"providerMetadata": {
"dateUpdated": "2023-04-28T15:59:04.584Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_7920078-7920104-16/hpsbpi03840"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2023-27972",
"datePublished": "2023-04-28T15:59:04.584Z",
"dateReserved": "2023-03-08T23:10:48.315Z",
"dateUpdated": "2025-01-30T19:32:18.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27971 (GCVE-0-2023-27971)
Vulnerability from nvd – Published: 2023-04-28 15:55 – Updated: 2025-01-30 20:10
VLAI?
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege.
Severity ?
9.8 (Critical)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP LaserJet Pro |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_7919962-7920003-16/hpsbpi03839"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27971",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T20:10:43.900524Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T20:10:50.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege."
}
],
"providerMetadata": {
"dateUpdated": "2023-04-28T15:55:45.828Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_7919962-7920003-16/hpsbpi03839"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2023-27971",
"datePublished": "2023-04-28T15:55:45.828Z",
"dateReserved": "2023-03-08T23:10:48.315Z",
"dateUpdated": "2025-01-30T20:10:50.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24293 (GCVE-0-2022-24293)
Vulnerability from nvd – Published: 2022-03-23 19:46 – Updated: 2024-08-03 04:07
VLAI?
Summary
Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.
Severity ?
No CVSS data available.
CWE
- Information disclosure, Denial of service, Buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers |
Affected:
before 002_2208A
Affected: before 2205D Affected: before 001.2210B Affected: before 001.2207C |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 002_2208A"
},
{
"status": "affected",
"version": "before 2205D"
},
{
"status": "affected",
"version": "before 001.2210B"
},
{
"status": "affected",
"version": "before 001.2207C"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure, Denial of service, Buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-23T19:46:19.000Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2022-24293",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers",
"version": {
"version_data": [
{
"version_value": "before 002_2208A"
},
{
"version_value": "before 2205D"
},
{
"version_value": "before 001.2210B"
},
{
"version_value": "before 001.2207C"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure, Denial of service, Buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5950417-5950443-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-24293",
"datePublished": "2022-03-23T19:46:19.000Z",
"dateReserved": "2022-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:07:02.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24292 (GCVE-0-2022-24292)
Vulnerability from nvd – Published: 2022-03-23 19:46 – Updated: 2024-08-03 04:07
VLAI?
Summary
Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.
Severity ?
No CVSS data available.
CWE
- Information disclosure, Denial of service, Buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers |
Affected:
before 002_2208A
Affected: before 2205D Affected: before 001.2210B Affected: before 001.2207C |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.453Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 002_2208A"
},
{
"status": "affected",
"version": "before 2205D"
},
{
"status": "affected",
"version": "before 001.2210B"
},
{
"status": "affected",
"version": "before 001.2207C"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure, Denial of service, Buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-23T19:46:17.000Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2022-24292",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers",
"version": {
"version_data": [
{
"version_value": "before 002_2208A"
},
{
"version_value": "before 2205D"
},
{
"version_value": "before 001.2210B"
},
{
"version_value": "before 001.2207C"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure, Denial of service, Buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5950417-5950443-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-24292",
"datePublished": "2022-03-23T19:46:17.000Z",
"dateReserved": "2022-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:07:02.453Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24291 (GCVE-0-2022-24291)
Vulnerability from nvd – Published: 2022-03-23 19:46 – Updated: 2024-08-03 04:07
VLAI?
Summary
Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.
Severity ?
No CVSS data available.
CWE
- Information disclosure, Denial of service, Buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers |
Affected:
before 002_2208A
Affected: before 2205D Affected: before 001.2210B Affected: before 001.2207C |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 002_2208A"
},
{
"status": "affected",
"version": "before 2205D"
},
{
"status": "affected",
"version": "before 001.2210B"
},
{
"status": "affected",
"version": "before 001.2207C"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure, Denial of service, Buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-23T19:46:18.000Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2022-24291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers",
"version": {
"version_data": [
{
"version_value": "before 002_2208A"
},
{
"version_value": "before 2205D"
},
{
"version_value": "before 001.2210B"
},
{
"version_value": "before 001.2207C"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure, Denial of service, Buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5950417-5950443-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-24291",
"datePublished": "2022-03-23T19:46:18.000Z",
"dateReserved": "2022-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:07:02.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35178 (GCVE-0-2023-35178)
Vulnerability from cvelistv5 – Published: 2023-06-30 15:54 – Updated: 2024-12-04 17:03
VLAI?
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP LaserJet Pro |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_8651729-8651769-16/hpsbpi03854"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35178",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T17:03:41.388397Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T17:03:50.815Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs."
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T15:54:06.696Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_8651729-8651769-16/hpsbpi03854"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2023-35178",
"datePublished": "2023-06-30T15:54:06.696Z",
"dateReserved": "2023-06-14T15:14:52.289Z",
"dateUpdated": "2024-12-04T17:03:50.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35177 (GCVE-0-2023-35177)
Vulnerability from cvelistv5 – Published: 2023-06-30 15:51 – Updated: 2024-12-04 17:03
VLAI?
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP LaserJet Pro |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_8651888-8651916-16/hpsbpi03853"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35177",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T17:03:11.737098Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T17:03:23.089Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser."
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T15:51:43.530Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_8651888-8651916-16/hpsbpi03853"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2023-35177",
"datePublished": "2023-06-30T15:51:43.530Z",
"dateReserved": "2023-06-14T15:14:52.289Z",
"dateUpdated": "2024-12-04T17:03:23.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35176 (GCVE-0-2023-35176)
Vulnerability from cvelistv5 – Published: 2023-06-30 15:44 – Updated: 2024-12-04 17:02
VLAI?
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP LaserJet Pro |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_8651671-8651697-16/hpsbpi03852"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35176",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T17:01:20.613808Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T17:02:44.165Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup \u0026 restore feature through the embedded web service on the device."
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T15:44:41.868Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_8651671-8651697-16/hpsbpi03852"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2023-35176",
"datePublished": "2023-06-30T15:44:41.868Z",
"dateReserved": "2023-06-14T15:14:52.289Z",
"dateUpdated": "2024-12-04T17:02:44.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35175 (GCVE-0-2023-35175)
Vulnerability from cvelistv5 – Published: 2023-06-30 15:43 – Updated: 2024-12-04 16:12
VLAI?
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP LaserJet Pro |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.603Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_8651322-8651446-16/hpsbpi03851"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35175",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T16:12:34.961490Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T16:12:51.010Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model."
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T15:43:02.451Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_8651322-8651446-16/hpsbpi03851"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2023-35175",
"datePublished": "2023-06-30T15:43:02.451Z",
"dateReserved": "2023-06-14T15:14:52.288Z",
"dateUpdated": "2024-12-04T16:12:51.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27973 (GCVE-0-2023-27973)
Vulnerability from cvelistv5 – Published: 2023-04-28 16:00 – Updated: 2025-01-30 19:08
VLAI?
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code Execution.
Severity ?
9.8 (Critical)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP LaserJet Pro |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_7920137-7920161-16/hpsbpi03841"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27973",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:06:15.392119Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:08:03.897Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code Execution."
}
],
"providerMetadata": {
"dateUpdated": "2023-04-28T16:00:55.312Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_7920137-7920161-16/hpsbpi03841"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2023-27973",
"datePublished": "2023-04-28T16:00:55.312Z",
"dateReserved": "2023-03-08T23:10:48.315Z",
"dateUpdated": "2025-01-30T19:08:03.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27972 (GCVE-0-2023-27972)
Vulnerability from cvelistv5 – Published: 2023-04-28 15:59 – Updated: 2025-01-30 19:32
VLAI?
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution.
Severity ?
9.8 (Critical)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP LaserJet Pro |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_7920078-7920104-16/hpsbpi03840"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27972",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:30:36.327536Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:32:18.909Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution."
}
],
"providerMetadata": {
"dateUpdated": "2023-04-28T15:59:04.584Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_7920078-7920104-16/hpsbpi03840"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2023-27972",
"datePublished": "2023-04-28T15:59:04.584Z",
"dateReserved": "2023-03-08T23:10:48.315Z",
"dateUpdated": "2025-01-30T19:32:18.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27971 (GCVE-0-2023-27971)
Vulnerability from cvelistv5 – Published: 2023-04-28 15:55 – Updated: 2025-01-30 20:10
VLAI?
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege.
Severity ?
9.8 (Critical)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | HP LaserJet Pro |
Affected:
See HP Security Bulletin reference for affected versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_7919962-7920003-16/hpsbpi03839"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27971",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T20:10:43.900524Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T20:10:50.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege."
}
],
"providerMetadata": {
"dateUpdated": "2023-04-28T15:55:45.828Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_7919962-7920003-16/hpsbpi03839"
}
],
"x_generator": {
"engine": "cveClient/1.0.13"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2023-27971",
"datePublished": "2023-04-28T15:55:45.828Z",
"dateReserved": "2023-03-08T23:10:48.315Z",
"dateUpdated": "2025-01-30T20:10:50.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24293 (GCVE-0-2022-24293)
Vulnerability from cvelistv5 – Published: 2022-03-23 19:46 – Updated: 2024-08-03 04:07
VLAI?
Summary
Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.
Severity ?
No CVSS data available.
CWE
- Information disclosure, Denial of service, Buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers |
Affected:
before 002_2208A
Affected: before 2205D Affected: before 001.2210B Affected: before 001.2207C |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 002_2208A"
},
{
"status": "affected",
"version": "before 2205D"
},
{
"status": "affected",
"version": "before 001.2210B"
},
{
"status": "affected",
"version": "before 001.2207C"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure, Denial of service, Buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-23T19:46:19.000Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2022-24293",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers",
"version": {
"version_data": [
{
"version_value": "before 002_2208A"
},
{
"version_value": "before 2205D"
},
{
"version_value": "before 001.2210B"
},
{
"version_value": "before 001.2207C"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure, Denial of service, Buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5950417-5950443-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-24293",
"datePublished": "2022-03-23T19:46:19.000Z",
"dateReserved": "2022-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:07:02.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24291 (GCVE-0-2022-24291)
Vulnerability from cvelistv5 – Published: 2022-03-23 19:46 – Updated: 2024-08-03 04:07
VLAI?
Summary
Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.
Severity ?
No CVSS data available.
CWE
- Information disclosure, Denial of service, Buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers |
Affected:
before 002_2208A
Affected: before 2205D Affected: before 001.2210B Affected: before 001.2207C |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 002_2208A"
},
{
"status": "affected",
"version": "before 2205D"
},
{
"status": "affected",
"version": "before 001.2210B"
},
{
"status": "affected",
"version": "before 001.2207C"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure, Denial of service, Buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-23T19:46:18.000Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2022-24291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers",
"version": {
"version_data": [
{
"version_value": "before 002_2208A"
},
{
"version_value": "before 2205D"
},
{
"version_value": "before 001.2210B"
},
{
"version_value": "before 001.2207C"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure, Denial of service, Buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5950417-5950443-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-24291",
"datePublished": "2022-03-23T19:46:18.000Z",
"dateReserved": "2022-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:07:02.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24292 (GCVE-0-2022-24292)
Vulnerability from cvelistv5 – Published: 2022-03-23 19:46 – Updated: 2024-08-03 04:07
VLAI?
Summary
Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.
Severity ?
No CVSS data available.
CWE
- Information disclosure, Denial of service, Buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers |
Affected:
before 002_2208A
Affected: before 2205D Affected: before 001.2210B Affected: before 001.2207C |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.453Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 002_2208A"
},
{
"status": "affected",
"version": "before 2205D"
},
{
"status": "affected",
"version": "before 001.2210B"
},
{
"status": "affected",
"version": "before 001.2207C"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure, Denial of service, Buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-23T19:46:17.000Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2022-24292",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers",
"version": {
"version_data": [
{
"version_value": "before 002_2208A"
},
{
"version_value": "before 2205D"
},
{
"version_value": "before 001.2210B"
},
{
"version_value": "before 001.2207C"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure, Denial of service, Buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hp.com/us-en/document/ish_5950417-5950443-16",
"refsource": "MISC",
"url": "https://support.hp.com/us-en/document/ish_5950417-5950443-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2022-24292",
"datePublished": "2022-03-23T19:46:17.000Z",
"dateReserved": "2022-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:07:02.453Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}