PT-2018-7178 · Hewlett Packard · Hp Officejet Enterprise Color Printers/Mfp+2
Published
2018-01-23
·
Updated
2018-02-13
·
CVE-2017-2743
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
HP Enterprise LaserJet Printers and MFPs versions prior to 2308214 000901
HP OfficeJet Enterprise Color Printers and MFP versions prior to 2308214 000901
HP PageWide Color Printers and MPS versions prior to 2308214 000901
Description:
The issue is related to a potential security vulnerability that could be exploited to perform a cross-site scripting (XSS) attack. XSS is a type of attack where an attacker injects malicious code into a website, which is then executed by the user's browser. This can lead to unauthorized access to sensitive information or control of the user's session.
Recommendations:
For HP Enterprise LaserJet Printers and MFPs versions prior to 2308214 000901, update the firmware to version 2308214 000901 or later.
For HP OfficeJet Enterprise Color Printers and MFP versions prior to 2308214 000901, update the firmware to version 2308214 000901 or later.
For HP PageWide Color Printers and MPS versions prior to 2308214 000901, update the firmware to version 2308214 000901 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hp Enterprise Laserjet Printers/Mfps
Hp Officejet Enterprise Color Printers/Mfp
Hp Pagewide Color Printers/Mps