PT-2019-2856 · Hewlett Packard · Hp Laserjet Pro Mfp M28-M31+1

Published

2019-05-31

Updated

2019-06-18

CVE-2019-6325

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions HP Color LaserJet Pro M280-M281 Multifunction Printer series versions before 20190419 HP LaserJet Pro MFP M28-M31 Printer series versions before 20190426

Description The issue is related to a Cross-site Request Forgery vulnerability in the microcode of HP Color LaserJet Pro and HP LaserJet Pro printers. Exploitation of this issue may allow a remote attacker to disclose protected information or cause a denial of service.

Recommendations For HP Color LaserJet Pro M280-M281 Multifunction Printer series versions before 20190419, update to a version 20190419 or later. For HP LaserJet Pro MFP M28-M31 Printer series versions before 20190426, update to a version 20190426 or later.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

BDU:2019-02821

CVE-2019-6325

Affected Products

Hp Color Laserjet Pro M280-M281

Hp Laserjet Pro Mfp M28-M31

PT-2019-2856 · Hewlett Packard · Hp Laserjet Pro Mfp M28-M31+1

CVE-2019-6325

Weakness Enumeration

Related Identifiers

Affected Products

References · 4