Vulnerability Details

HP Printers XSS Vulnerability (HPSBPI03624)

Published: 2020-01-13 06:45:21
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:H/Au:M/C:P/I:P/A:P

Detection Type:
Remote Banner

Solution Type:
Vendor Patch

Summary:
Multiple HP printers are vulnerable to a cross-site scripting vulnerability.

Detection Method:
Checks if a vulnerable version is present on the target host.

Affected Versions:
HP DeskJet 2600, HP DeskJet Ink Advantage 2600, HP DeskJet Ink Advantage 5000, HP ENVY 5000, HP ENVY Photo 6200, HP ENVY Photo 7100, HP ENVY Photo 7800, HP Ink Tank Wireless 410 series, HP OfficeJet 5200 and HP Smart Tank Wireless 450 series Printers.

Recommendations:
See the referenced vendor advisory for a solution.

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2019-6332

References:

https://support.hp.com/in-en/document/c06428029

Search
Severity
Medium
CVSS Score
4.3

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.