CVE-2019-6323 - OpenCVE

HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an embedded web server potentially vulnerable to reflected XSS in wireless configuration page.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hp	T6b80a T6b80a Firmware T6b81a T6b81a Firmware T6b82a T6b82a Firmware T6b83a T6b83a Firmware W2g54a W2g54a Firmware W2g55a W2g55a Firmware Y5s50a Y5s50a Firmware Y5s53a Y5s53a Firmware Y5s54a Y5s54a Firmware Y5s55a Y5s55a Firmware

Configuration 1 [-]

AND

cpe:2.3:o:hp:t6b80a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:t6b80a:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:hp:t6b83a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:t6b83a:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:hp:t6b81a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:t6b81a:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:hp:t6b82a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:t6b82a:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:hp:w2g54a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:w2g54a:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:hp:w2g55a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:w2g55a:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:hp:y5s53a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:y5s53a:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:hp:y5s55a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:y5s55a:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:hp:y5s50a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:y5s50a:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:hp:y5s54a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:y5s54a:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://support.hp.com/us-en/document/c06356322

History

No history.

MITRE

Status: PUBLISHED

Assigner: hp

Published: 2019-06-17T15:55:05

Updated: 2024-08-04T20:16:24.740Z

Reserved: 2019-01-15T00:00:00

Link: CVE-2019-6323

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-06-17T16:15:12.577

Modified: 2019-06-18T17:50:59.990

Link: CVE-2019-6323

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object