Multiple HP printer models information disclosure | CVE-2022-24292
NAME
Multiple HP printer models information disclosure
- Platforms Affected:
HP OfficeJet Pro 8210 Printer series
HP PageWide 352dw Printer
HP PageWide 377dw Multifunction Printer
HP PageWide Managed P55250dw Printer series
HP PageWide Managed P57750dw Multifunction Printer series
HP PageWide Pro 452dn Printer series
HP PageWide Pro 452dw Printer series
HP PageWide Pro 477dn Multifunction Printer series
HP PageWide Pro 477dw Multifunction Printer series
HP PageWide Pro 552dw Printer series
HP PageWide Pro 577 Multifunction Printer series
HP Color LaserJet Pro M453
HP Color LaserJet Pro M454
HP Color LaserJet Pro MFP M2XX
HP Color LaserJet Pro MFP M478
HP Color LaserJet Pro MFP M479
HP LaserJet Pro M304
HP LaserJet Pro M305
HP LaserJet Pro M404
HP LaserJet Pro M405
HP LaserJet Pro MFP M428
HP LaserJet Pro MFP M429 - Risk Level:
9.8 - Exploitability:
Unproven - Consequences:
Obtain Information
DESCRIPTION
Multiple HP printer models could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system.
CVSS 3.0 Information
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Access Vector: Network
- Access Complexity: Low
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
- Remediation Level: Official Fix
MITIGATION
Refer to HPSBPI03781 rev. 1 for patch, upgrade or suggested workaround information. See References.
- Reference Link:
https://support.hp.com/us-en/document/ish_5950417-5950443-16/hpsbpi03781 - Reference Link:
https://www.zerodayinitiative.com/advisories/ZDI-22-535/
If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.
