PT-2019-2241 · Hewlett Packard · Hp Laserjet Pro Mfp M28-M31+1

Publicado

2019-05-31

Atualizado

2019-06-18

CVE-2019-6326

CVSS v2.0

9.7

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:P

Name of the Vulnerable Software and Affected Versions HP Color LaserJet Pro M280-M281 Multifunction Printer series versions before 20190419 HP LaserJet Pro MFP M28-M31 Printer series versions before 20190426

Description The issue is related to the embedded web server attributes of the printers, which may be potentially vulnerable to Buffer Overflow. It is also associated with a cross-site request forgery vulnerability that could allow a remote attacker to impact the confidentiality and integrity of protected information.

Recommendations For HP Color LaserJet Pro M280-M281 Multifunction Printer series versions before 20190419, update to a version 20190419 or later. For HP LaserJet Pro MFP M28-M31 Printer series versions before 20190426, update to a version 20190426 or later.

Correção

CSRF

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-352CWE-119

Identificadores relacionados

BDU:2019-02012

CVE-2019-6326

Produtos afetados

Hp Color Laserjet Pro M280-M281

Hp Laserjet Pro Mfp M28-M31

PT-2019-2241 · Hewlett Packard · Hp Laserjet Pro Mfp M28-M31+1

CVE-2019-6326

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6