CVE-2019-6325 - OpenCVE

HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an embedded web server that is potentially vulnerable to Cross-site Request Forgery.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hp	T6b80a T6b80a Firmware T6b81a T6b81a Firmware T6b82a T6b82a Firmware T6b83a T6b83a Firmware W2g54a W2g54a Firmware W2g55a W2g55a Firmware Y5s50a Y5s50a Firmware Y5s53a Y5s53a Firmware Y5s54a Y5s54a Firmware Y5s55a Y5s55a Firmware

Configuration 1 [-]

AND

cpe:2.3:o:hp:t6b80a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:t6b80a:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:hp:t6b83a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:t6b83a:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:hp:t6b81a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:t6b81a:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:hp:t6b82a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:t6b82a:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:hp:w2g54a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:w2g54a:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:hp:w2g55a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:w2g55a:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:hp:y5s53a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:y5s53a:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:h:hp:y5s55a:-:*:*:*:*:*:*:*

cpe:2.3:o:hp:y5s55a_firmware:*:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:h:hp:y5s50a:-:*:*:*:*:*:*:*

cpe:2.3:o:hp:y5s50a_firmware:*:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:h:hp:y5s54a:-:*:*:*:*:*:*:*

cpe:2.3:o:hp:y5s54a_firmware:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://support.hp.com/us-en/document/c06356322

History

No history.

MITRE

Status: PUBLISHED

Assigner: hp

Published: 2019-06-17T15:55:24

Updated: 2024-08-04T20:16:24.849Z

Reserved: 2019-01-15T00:00:00

Link: CVE-2019-6325

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-06-17T16:15:12.670

Modified: 2019-06-18T18:15:31.407

Link: CVE-2019-6325

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object