Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for officejet_pro_6960_j7k33a_firmware by hp

    CVE-2021-3942 (GCVE-0-2021-3942)

    Vulnerability from nvd – Published: 2022-11-22 23:07 – Updated: 2025-04-25 20:52
    VLAI
    Summary
    Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    hp
    Impacted products
    Vendor Product Version
    HP Inc. HP Print products and Digital Sending products Affected: See HP Security Bulletin reference for affected versions.
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T17:09:09.705Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.hp.com/us-en/document/ish_5948778-5949142-16/hpsbpi03780"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-3942",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-25T20:51:16.365911Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-119",
                    "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-25T20:52:47.519Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HP Print products and Digital Sending products",
              "vendor": "HP Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "See HP Security Bulletin reference for affected versions."
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-12-12T12:11:04.548Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "url": "https://support.hp.com/us-en/document/ish_5948778-5949142-16/hpsbpi03780"
            }
          ],
          "x_generator": {
            "engine": "cveClient/1.0.13"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2021-3942",
        "datePublished": "2022-11-22T23:07:47.320Z",
        "dateReserved": "2021-11-09T21:58:12.461Z",
        "dateUpdated": "2025-04-25T20:52:47.519Z",
        "requesterUserId": "e0158710-d811-4b94-9318-6cef34bebe03",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-28416 (GCVE-0-2020-28416)

    Vulnerability from nvd – Published: 2021-11-03 19:02 – Updated: 2024-08-04 16:33
    VLAI
    Summary
    HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution.
    Severity
    No CVSS data available.
    CWE
    • unauthorized local code execution
    Assigner
    hp
    References
    Impacted products
    Vendor Product Version
    n/a HP OfficeJet Printer; HP PageWide Printer Affected: before 33.1.74
    Affected: before 35.0.72
    Affected: before 38.8.1942
    Affected: before 38.9.1948
    Affected: before 39.6.1999
    Affected: before 39.6.2002
    Affected: before 40.11.1122
    Affected: before 40.11.1148
    Affected: before 40.11.1150
    Affected: before 40.12.1161
    Affected: before 40.13.1176
    Affected: before 40.7.1094
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T16:33:59.102Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.hp.com/us-en/document/c07051163"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HP OfficeJet Printer; HP PageWide Printer",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 33.1.74"
                },
                {
                  "status": "affected",
                  "version": "before 35.0.72"
                },
                {
                  "status": "affected",
                  "version": "before 38.8.1942"
                },
                {
                  "status": "affected",
                  "version": "before 38.9.1948"
                },
                {
                  "status": "affected",
                  "version": "before 39.6.1999"
                },
                {
                  "status": "affected",
                  "version": "before 39.6.2002"
                },
                {
                  "status": "affected",
                  "version": "before 40.11.1122"
                },
                {
                  "status": "affected",
                  "version": "before 40.11.1148"
                },
                {
                  "status": "affected",
                  "version": "before 40.11.1150"
                },
                {
                  "status": "affected",
                  "version": "before 40.12.1161"
                },
                {
                  "status": "affected",
                  "version": "before 40.13.1176"
                },
                {
                  "status": "affected",
                  "version": "before 40.7.1094"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "unauthorized local code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-03T19:02:37.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.hp.com/us-en/document/c07051163"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2020-28416",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "HP OfficeJet Printer; HP PageWide Printer",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 33.1.74"
                              },
                              {
                                "version_value": "before 35.0.72"
                              },
                              {
                                "version_value": "before 38.8.1942"
                              },
                              {
                                "version_value": "before 38.9.1948"
                              },
                              {
                                "version_value": "before 39.6.1999"
                              },
                              {
                                "version_value": "before 39.6.2002"
                              },
                              {
                                "version_value": "before 40.11.1122"
                              },
                              {
                                "version_value": "before 40.11.1148"
                              },
                              {
                                "version_value": "before 40.11.1150"
                              },
                              {
                                "version_value": "before 40.12.1161"
                              },
                              {
                                "version_value": "before 40.13.1176"
                              },
                              {
                                "version_value": "before 40.7.1094"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "unauthorized local code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.hp.com/us-en/document/c07051163",
                  "refsource": "MISC",
                  "url": "https://support.hp.com/us-en/document/c07051163"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2020-28416",
        "datePublished": "2021-11-03T19:02:37.000Z",
        "dateReserved": "2020-11-12T00:00:00.000Z",
        "dateUpdated": "2024-08-04T16:33:59.102Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-3942 (GCVE-0-2021-3942)

    Vulnerability from cvelistv5 – Published: 2022-11-22 23:07 – Updated: 2025-04-25 20:52
    VLAI
    Summary
    Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    hp
    Impacted products
    Vendor Product Version
    HP Inc. HP Print products and Digital Sending products Affected: See HP Security Bulletin reference for affected versions.
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T17:09:09.705Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.hp.com/us-en/document/ish_5948778-5949142-16/hpsbpi03780"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-3942",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-25T20:51:16.365911Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-119",
                    "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-25T20:52:47.519Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HP Print products and Digital Sending products",
              "vendor": "HP Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "See HP Security Bulletin reference for affected versions."
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-12-12T12:11:04.548Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "url": "https://support.hp.com/us-en/document/ish_5948778-5949142-16/hpsbpi03780"
            }
          ],
          "x_generator": {
            "engine": "cveClient/1.0.13"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2021-3942",
        "datePublished": "2022-11-22T23:07:47.320Z",
        "dateReserved": "2021-11-09T21:58:12.461Z",
        "dateUpdated": "2025-04-25T20:52:47.519Z",
        "requesterUserId": "e0158710-d811-4b94-9318-6cef34bebe03",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-28416 (GCVE-0-2020-28416)

    Vulnerability from cvelistv5 – Published: 2021-11-03 19:02 – Updated: 2024-08-04 16:33
    VLAI
    Summary
    HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution.
    Severity
    No CVSS data available.
    CWE
    • unauthorized local code execution
    Assigner
    hp
    References
    Impacted products
    Vendor Product Version
    n/a HP OfficeJet Printer; HP PageWide Printer Affected: before 33.1.74
    Affected: before 35.0.72
    Affected: before 38.8.1942
    Affected: before 38.9.1948
    Affected: before 39.6.1999
    Affected: before 39.6.2002
    Affected: before 40.11.1122
    Affected: before 40.11.1148
    Affected: before 40.11.1150
    Affected: before 40.12.1161
    Affected: before 40.13.1176
    Affected: before 40.7.1094
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T16:33:59.102Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.hp.com/us-en/document/c07051163"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "HP OfficeJet Printer; HP PageWide Printer",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 33.1.74"
                },
                {
                  "status": "affected",
                  "version": "before 35.0.72"
                },
                {
                  "status": "affected",
                  "version": "before 38.8.1942"
                },
                {
                  "status": "affected",
                  "version": "before 38.9.1948"
                },
                {
                  "status": "affected",
                  "version": "before 39.6.1999"
                },
                {
                  "status": "affected",
                  "version": "before 39.6.2002"
                },
                {
                  "status": "affected",
                  "version": "before 40.11.1122"
                },
                {
                  "status": "affected",
                  "version": "before 40.11.1148"
                },
                {
                  "status": "affected",
                  "version": "before 40.11.1150"
                },
                {
                  "status": "affected",
                  "version": "before 40.12.1161"
                },
                {
                  "status": "affected",
                  "version": "before 40.13.1176"
                },
                {
                  "status": "affected",
                  "version": "before 40.7.1094"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "unauthorized local code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-03T19:02:37.000Z",
            "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
            "shortName": "hp"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.hp.com/us-en/document/c07051163"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "hp-security-alert@hp.com",
              "ID": "CVE-2020-28416",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "HP OfficeJet Printer; HP PageWide Printer",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 33.1.74"
                              },
                              {
                                "version_value": "before 35.0.72"
                              },
                              {
                                "version_value": "before 38.8.1942"
                              },
                              {
                                "version_value": "before 38.9.1948"
                              },
                              {
                                "version_value": "before 39.6.1999"
                              },
                              {
                                "version_value": "before 39.6.2002"
                              },
                              {
                                "version_value": "before 40.11.1122"
                              },
                              {
                                "version_value": "before 40.11.1148"
                              },
                              {
                                "version_value": "before 40.11.1150"
                              },
                              {
                                "version_value": "before 40.12.1161"
                              },
                              {
                                "version_value": "before 40.13.1176"
                              },
                              {
                                "version_value": "before 40.7.1094"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "unauthorized local code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.hp.com/us-en/document/c07051163",
                  "refsource": "MISC",
                  "url": "https://support.hp.com/us-en/document/c07051163"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "assignerShortName": "hp",
        "cveId": "CVE-2020-28416",
        "datePublished": "2021-11-03T19:02:37.000Z",
        "dateReserved": "2020-11-12T00:00:00.000Z",
        "dateUpdated": "2024-08-04T16:33:59.102Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }