PT-2019-2856 · Hewlett Packard · Hp Laserjet Pro Mfp M28-M31+1

Publicado

2019-05-31

·

Atualizado

2019-06-18

·

CVE-2019-6325

CVSS v3.1

8.8

Alta

VetorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions HP Color LaserJet Pro M280-M281 Multifunction Printer series versions before 20190419 HP LaserJet Pro MFP M28-M31 Printer series versions before 20190426
Description The issue is related to a Cross-site Request Forgery vulnerability in the microcode of HP Color LaserJet Pro and HP LaserJet Pro printers. Exploitation of this issue may allow a remote attacker to disclose protected information or cause a denial of service.
Recommendations For HP Color LaserJet Pro M280-M281 Multifunction Printer series versions before 20190419, update to a version 20190419 or later. For HP LaserJet Pro MFP M28-M31 Printer series versions before 20190426, update to a version 20190426 or later.

Correção

CSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-352

Identificadores relacionados

BDU:2019-02821
CVE-2019-6325

Produtos afetados

Hp Color Laserjet Pro M280-M281
Hp Laserjet Pro Mfp M28-M31