Lucene search

HpCVE-2019-6332

HistoryJan 09, 2020 - 7:15 p.m.

CVE-2019-6332

2020-01-0919:15:10

CWE-79

web.nvd.nist.gov

inkjet

printers

vulnerability

xss

cross-site scripting

security

exploit

nvd

cve-2019-6332

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

AI Score

4.9

Confidence

High

EPSS

0.001

Percentile

19.0%

JSON

A potential security vulnerability has been identified with certain HP InkJet printers. The vulnerability could be exploited to allow cross-site scripting (XSS). Affected products and versions include: HP DeskJet 2600 All-in-One Printer series model numbers 4UJ28B, V1N01A - V1N08A, Y5H60A - Y5H80A; HP DeskJet Ink Advantage 2600 All-in-One Printer series model numbers V1N02A - V1N02B, Y5Z00A - Y5Z04B; HP DeskJet Ink Advantage 5000 All-in-One Printer series model numbers M2U86A - M2U89B; HP DeskJet Ink Advantage 5200 All-in-One Printer series model numbers M2U76A - M2U78B; HP ENVY 5000 All-in-One Printer series model numbers M2U85A - M2U85B, M2U91A - M2U94B, Z4A54A - Z4A74A; HP ENVY Photo 6200 All-in-One Printer series model numbers K7G18A-K7G26B, K7S21B, Y0K13D - Y0K15A; HP ENVY Photo 7100 All-in-One Printer series model numbers 3XD89A, K7G93A-K7G99A, Z3M37A - Z3M52A; HP ENVY Photo 7800 All-in-One Printer series model numbers K7R96A, K7S00A - K7S10D, Y0G42D - Y0G52B; HP Ink Tank Wireless 410 series model numbers Z4B53A - Z4B55A, Z6Z95A - Z6Z99A, 4DX94A - 4DX95A, 4YF79A, Z7A01A; HP OfficeJet 5200 All-in-One Printer series model numbers M2U75A, M2U81A-M2U84B, Z4B12A - Z4B14A, Z4B27A - Z4B29A; HP Smart Tank Wireless 450 series model numbers Z4B56A, Z6Z96A - Z6Z98A.

Affected configurations

Nvd

Node

hpdeskjet_2600_4uj28b_firmwareRange<1923

AND

hpdeskjet_2600_4uj28bMatch-

Node

hpdeskjet_2600_v1n01a_firmwareRange<1923

AND

hpdeskjet_2600_v1n01aMatch-

Node

hpdeskjet_2600_v1n08a_firmwareRange<1923

AND

hpdeskjet_2600_v1n08aMatch-

Node

hpdeskjet_2600_y5h60a_firmwareRange<1923

AND

hpdeskjet_2600_y5h60aMatch-

Node

hpdeskjet_2600_y5h80a_firmwareRange<1923

AND

hpdeskjet_2600_y5h80aMatch-

Node

hpdeskjet_ink_advantage_2600_v1n02a_firmwareRange<1923

AND

hpdeskjet_ink_advantage_2600_v1n02aMatch-

Node

hpdeskjet_ink_advantage_2600_v1n02b_firmwareRange<1923

AND

hpdeskjet_ink_advantage_2600_v1n02bMatch-

Node

hpdeskjet_ink_advantage_2600_y5z00a_firmwareRange<1923

AND

hpdeskjet_ink_advantage_2600_y5z00aMatch-

Node

hpdeskjet_ink_advantage_2600_y5z04b_firmwareRange≤1923

AND

hpdeskjet_ink_advantage_2600_y5z04bMatch-

Node

hpdeskjet_ink_advantage_5000_m2u86a_firmwareRange<003.1925a

AND

hpdeskjet_ink_advantage_5000_m2u86aMatch-

Node

hpdeskjet_ink_advantage_5000_m2u89b_firmwareRange<003.1925a

AND

hpdeskjet_ink_advantage_5000_m2u89bMatch-

Node

hpdeskjet_ink_advantage_5200_m2u76a_firmwareRange<003.1925a

AND

hpdeskjet_ink_advantage_5200_m2u76a_Match-

Node

hpdeskjet_ink_advantage_5200_m2u78b_firmwareRange<003.1925a

AND

hpdeskjet_ink_advantage_5200_m2u78bMatch-

Node

hpenvy_5000_m2u85a_firmwareRange<003.1925a

AND

hpenvy_5000_m2u85aMatch-

Node

hpenvy_5000_m2u85b_firmwareRange<003.1925a

AND

hpenvy_5000_m2u85bMatch-

Node

hpenvy_5000_m2u91a_firmwareRange<003.1925a

AND

hpenvy_5000_m2u91aMatch-

Node

hpenvy_5000_m2u94b_firmwareRange<003.1925a

AND

hpenvy_5000_m2u94bMatch-

Node

hpenvy_5000_z4a54a_firmwareRange<003.1925a

AND

hpenvy_5000_z4a54aMatch-

Node

hpenvy_5000_z4a74a_firmwareRange<003.1925a

AND

hpenvy_5000_z4a74aMatch-

Node

hpenvy_photo_6200_k7g18a_firmwareRange<003.1925a

AND

hpenvy_photo_6200_k7g18aMatch-

Node

hpenvy_photo_6200_k7g26b_firmwareRange<003.1925a

AND

hpenvy_photo_6200_k7g26bMatch-

Node

hpenvy_photo_6200_k7s21b_firmwareRange<003.1925a

AND

hpenvy_photo_6200_k7s21bMatch-

Node

hpenvy_photo_6200_y0k13d__firmwareRange<003.1925a

AND

hpenvy_photo_6200_y0k13d_Match-

Node

hpenvy_photo_6200_y0k15a_firmwareRange<003.1925a

AND

hpenvy_photo_6200_y0k15aMatch-

Node

hpenvy_photo_7100_3xd89a_firmwareRange<003.1925a

AND

hpenvy_photo_7100_3xd89aMatch-

Node

hpenvy_photo_7100_k7g93a_firmwareRange<003.1925a

AND

hpenvy_photo_7100_k7g93aMatch-

Node

hpenvy_photo_7100_k7g99a_firmwareRange<003.1925a

AND

hpenvy_photo_7100_k7g99aMatch-

Node

hpenvy_photo_7100_z3m37a_firmwareRange<003.1925a

AND

hpenvy_photo_7100_z3m37aMatch-

Node

hpenvy_photo_7100_z3m52a_firmwareRange<003.1925a

AND

hpenvy_photo_7100_z3m52aMatch-

Node

hpenvy_photo_7800_k7r96a_firmwareRange<003.1925a

AND

hpenvy_photo_7800_k7r96aMatch-

Node

hpenvy_photo_7800_k7s00a_firmwareRange<003.1925a

AND

hpenvy_photo_7800_k7s00aMatch-

Node

hpenvy_photo_7800_k7s10d_firmwareRange<003.1925a

AND

hpenvy_photo_7800_k7s10dMatch-

Node

hpenvy_photo_7800_y0g42d_firmwareRange<003.1925a

AND

hpenvy_photo_7800_y0g42dMatch-

Node

hpenvy_photo_7800_y0g52b_firmwareRange<003.1925a

AND

hpenvy_photo_7800_y0g52bMatch-

Node

hpink_tank_wireless_410_z4b53a_firmwareRange<1924

AND

hpink_tank_wireless_410_z4b53aMatch-

Node

hpink_tank_wireless_410_z4b55a_firmwareRange<1924

AND

hpink_tank_wireless_410_z4b55aMatch-

Node

hpink_tank_wireless_410_z6z95a_firmwareRange<1924

AND

hpink_tank_wireless_410_z6z95aMatch-

Node

hpink_tank_wireless_410_z6z99a_firmwareRange<1924

AND

hpink_tank_wireless_410_z6z99aMatch-

Node

hpink_tank_wireless_410_4dx94a_firmwareRange<1924

AND

hpink_tank_wireless_410_4dx94aMatch-

Node

hpink_tank_wireless_410_4dx95a_firmwareRange<1924

AND

hpink_tank_wireless_410_4dx95aMatch-

Node

hpink_tank_wireless_410_4yf79a_firmwareRange<1924

AND

hpink_tank_wireless_410_4yf79aMatch-

Node

hpink_tank_wireless_410_z7a01a_firmwareRange<1924

AND

hpink_tank_wireless_410_z7a01aMatch-

Node

hpofficejet_5200_m2u75a_firmwareRange<003.1925a

AND

hpofficejet_5200_m2u75aMatch-

Node

hpofficejet_5200_m2u81a_firmwareRange<003.1925a

AND

hpofficejet_5200_m2u81aMatch-

Node

hpofficejet_5200_m2u84b_firmwareRange<003.1925a

AND

hpofficejet_5200_m2u84bMatch-

Node

hpofficejet_5200_z4b12a_firmwareRange<003.1925a

AND

hpofficejet_5200_z4b12aMatch-

Node

hpofficejet_5200_z4b14a_firmwareRange<003.1925a

AND

hpofficejet_5200_z4b14aMatch-

Node

hpofficejet_5200_z4b27a_firmwareRange<003.1925a

AND

hpofficejet_5200_z4b27aMatch-

Node

hpofficejet_5200_z4b29a_firmwareRange<003.1925a

AND

hpofficejet_5200_z4b29aMatch-

Node

hpsmart_tank_wireless_450_z4b56a_firmwareRange<1924

AND

hpsmart_tank_wireless_450_z4b56aMatch-

Node

hpsmart_tank_wireless_450_z6z96a_firmwareRange<1924

AND

hpsmart_tank_wireless_450_z6z96aMatch-

Node

hpsmart_tank_wireless_450_z6z98a_firmwareRange<1924

AND

hpsmart_tank_wireless_450_z6z98aMatch-

VendorProductVersionCPE
hpdeskjet_2600_4uj28b_firmware*cpe:2.3:o:hp:deskjet_2600_4uj28b_firmware:*:*:*:*:*:*:*:*
hpdeskjet_2600_4uj28b-cpe:2.3:h:hp:deskjet_2600_4uj28b:-:*:*:*:*:*:*:*
hpdeskjet_2600_v1n01a_firmware*cpe:2.3:o:hp:deskjet_2600_v1n01a_firmware:*:*:*:*:*:*:*:*
hpdeskjet_2600_v1n01a-cpe:2.3:h:hp:deskjet_2600_v1n01a:-:*:*:*:*:*:*:*
hpdeskjet_2600_v1n08a_firmware*cpe:2.3:o:hp:deskjet_2600_v1n08a_firmware:*:*:*:*:*:*:*:*
hpdeskjet_2600_v1n08a-cpe:2.3:h:hp:deskjet_2600_v1n08a:-:*:*:*:*:*:*:*
hpdeskjet_2600_y5h60a_firmware*cpe:2.3:o:hp:deskjet_2600_y5h60a_firmware:*:*:*:*:*:*:*:*
hpdeskjet_2600_y5h60a-cpe:2.3:h:hp:deskjet_2600_y5h60a:-:*:*:*:*:*:*:*
hpdeskjet_2600_y5h80a_firmware*cpe:2.3:o:hp:deskjet_2600_y5h80a_firmware:*:*:*:*:*:*:*:*
hpdeskjet_2600_y5h80a-cpe:2.3:h:hp:deskjet_2600_y5h80a:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	deskjet_2600_4uj28b_firmware	*	cpe:2.3:o:hp:deskjet_2600_4uj28b_firmware::::::::
hp	deskjet_2600_4uj28b	-	cpe:2.3:h:hp:deskjet_2600_4uj28b:-:::::::*
hp	deskjet_2600_v1n01a_firmware	*	cpe:2.3:o:hp:deskjet_2600_v1n01a_firmware::::::::
hp	deskjet_2600_v1n01a	-	cpe:2.3:h:hp:deskjet_2600_v1n01a:-:::::::*
hp	deskjet_2600_v1n08a_firmware	*	cpe:2.3:o:hp:deskjet_2600_v1n08a_firmware::::::::
hp	deskjet_2600_v1n08a	-	cpe:2.3:h:hp:deskjet_2600_v1n08a:-:::::::*
hp	deskjet_2600_y5h60a_firmware	*	cpe:2.3:o:hp:deskjet_2600_y5h60a_firmware::::::::
hp	deskjet_2600_y5h60a	-	cpe:2.3:h:hp:deskjet_2600_y5h60a:-:::::::*
hp	deskjet_2600_y5h80a_firmware	*	cpe:2.3:o:hp:deskjet_2600_y5h80a_firmware::::::::
hp	deskjet_2600_y5h80a	-	cpe:2.3:h:hp:deskjet_2600_y5h80a:-:::::::*

Rows per page:

1-10 of 1041

CNA Affected

[
  {
    "product": "HP DeskJet 2600 All-in-One Printer series",
    "vendor": "HP Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "4UJ28B"
      },
      {
        "status": "affected",
        "version": "V1N01A - V1N08A"
      },
      {
        "status": "affected",
        "version": "Y5H60A - Y5H80A"
      }
    ]
  },
  {
    "product": "HP DeskJet Ink Advantage 2600 All-in-One Printer series",
    "vendor": "HP Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "V1N02A - V1N02B"
      },
      {
        "status": "affected",
        "version": "Y5Z00A - Y5Z04B"
      }
    ]
  },
  {
    "product": "HP DeskJet Ink Advantage 5000 All-in-One Printer series",
    "vendor": "HP Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "M2U86A - M2U89B"
      }
    ]
  },
  {
    "product": "HP DeskJet Ink Advantage 5200 All-in-One Printer series",
    "vendor": "HP Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "M2U76A - M2U78B"
      }
    ]
  },
  {
    "product": "HP ENVY 5000 All-in-One Printer series",
    "vendor": "HP Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "M2U85A - M2U85B"
      },
      {
        "status": "affected",
        "version": "M2U91A - M2U94B"
      },
      {
        "status": "affected",
        "version": "Z4A54A - Z4A74A"
      }
    ]
  },
  {
    "product": "HP ENVY Photo 6200 All-in-One Printer series",
    "vendor": "HP Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "K7G18A-K7G26B"
      },
      {
        "status": "affected",
        "version": "K7S21B"
      },
      {
        "status": "affected",
        "version": "Y0K13D - Y0K15A"
      }
    ]
  },
  {
    "product": "HP ENVY Photo 7100 All-in-One Printer series",
    "vendor": "HP Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "3XD89A"
      },
      {
        "status": "affected",
        "version": "K7G93A-K7G99A"
      },
      {
        "status": "affected",
        "version": "Z3M37A - Z3M52A"
      }
    ]
  },
  {
    "product": "HP ENVY Photo 7800 All-in-One Printer series",
    "vendor": "HP Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "K7R96A"
      },
      {
        "status": "affected",
        "version": "K7S00A - K7S10D"
      },
      {
        "status": "affected",
        "version": "Y0G42D - Y0G52B"
      }
    ]
  },
  {
    "product": "HP Ink Tank Wireless 410 series",
    "vendor": "HP Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "Z4B53A - Z4B55A"
      },
      {
        "status": "affected",
        "version": "Z6Z95A - Z6Z99A"
      },
      {
        "status": "affected",
        "version": "4DX94A - 4DX95A"
      },
      {
        "status": "affected",
        "version": "4YF79A"
      },
      {
        "status": "affected",
        "version": "Z7A01A"
      }
    ]
  },
  {
    "product": "HP OfficeJet 5200 All-in-One Printer series",
    "vendor": "HP Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "M2U75A"
      },
      {
        "status": "affected",
        "version": "M2U81A-M2U84B"
      },
      {
        "status": "affected",
        "version": "Z4B12A - Z4B14A"
      },
      {
        "status": "affected",
        "version": "Z4B27A - Z4B29A"
      }
    ]
  },
  {
    "product": "HP Smart Tank Wireless 450 series",
    "vendor": "HP Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "Z4B56A"
      },
      {
        "status": "affected",
        "version": "Z6Z96A - Z6Z98A"
      }
    ]
  }
]

References

support.hp.com/in-en/document/c06428029

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

AI Score

4.9

Confidence

High

EPSS

0.001

Percentile

19.0%

JSON

Related for CVE-2019-6332