CVE-2021-3965 - Vulnerability Details

Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00255.

Key SSVC decision points have not yet been added.

Vendors	Products
Hp	Designjet T1530 L2y23a Designjet T1530 L2y23a Firmware Designjet T1530 L2y24a Designjet T1530 L2y24a Firmware Designjet T1530 L2y24b Designjet T1530 L2y24b Firmware Designjet T2530 L2y25a Designjet T2530 L2y25a Firmware Designjet T2530 L2y26a Designjet T2530 L2y26a Firmware Designjet T2530 L2y26b Designjet T2530 L2y26b Firmware Designjet T3500 B9e24a Designjet T3500 B9e24a Firmware Designjet T3500 B9e24b Designjet T3500 B9e24b Firmware Designjet T3500 B9e25a Designjet T3500 B9e25a Firmware Designjet T920 Cr354a Designjet T920 Cr354a Firmware Designjet T920 Cr355a Designjet T920 Cr355a Firmware Designjet T920 Cr355b Designjet T920 Cr355b Firmware Designjet T930 L2y21a Designjet T930 L2y21a Firmware Designjet T930 L2y21b Designjet T930 L2y21b Firmware Designjet T930 L2y22a Designjet T930 L2y22a Firmware Designjet T930 L2y22b Designjet T930 L2y22b Firmware Designjet Z6600 F2s71a Designjet Z6600 F2s71a Firmware Designjet Z6600 F2s71ar Designjet Z6600 F2s71ar Firmware Designjet Z6610 2qu13a Designjet Z6610 2qu13a Firmware Designjet Z6610 2qu13b Designjet Z6610 2qu13b Firmware Designjet Z6800 F2s72a Designjet Z6800 F2s72a Firmware Designjet Z6800 F2s72ar Designjet Z6800 F2s72ar Firmware Designjet Z6800 F2s72b Designjet Z6800 F2s72b Firmware Designjet Z6810 2qu12a Designjet Z6810 2qu12a Firmware Designjet Z6810 2qu12b Designjet Z6810 2qu12b Firmware Designjet Z6810 2qu14a Designjet Z6810 2qu14a Firmware Designjet Z6810 2qu14b Designjet Z6810 2qu14b Firmware

Configuration 1 [-]

AND

cpe:2.3:o:hp:designjet_t920_cr355a_firmware:mry_07_07_04.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t920_cr355a:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:hp:designjet_t920_cr355b_firmware:mry_07_07_04.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t920_cr355b:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:hp:designjet_t920_cr354a_firmware:mry_07_07_04.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t920_cr354a:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:hp:designjet_t930_l2y22a_firmware:mry_07_07_04.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t930_l2y22a:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:hp:designjet_t930_l2y22b_firmware:mry_07_07_04.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t930_l2y22b:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:hp:designjet_t930_l2y21a_firmware:mry_07_07_04.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t930_l2y21a:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:hp:designjet_t930_l2y21b_firmware:mry_07_07_04.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t930_l2y21b:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:hp:designjet_t1530_l2y24a_firmware:mry_07_07_04.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t1530_l2y24a:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:hp:designjet_t1530_l2y24b_firmware:mry_07_07_04.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t1530_l2y24b:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:hp:designjet_t1530_l2y23a_firmware:mry_07_07_04.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t1530_l2y23a:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:hp:designjet_t2530_l2y25a_firmware:mry_07_07_04.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t2530_l2y25a:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:hp:designjet_t2530_l2y26a_firmware:mry_07_07_04.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t2530_l2y26a:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:hp:designjet_t2530_l2y26b_firmware:mry_07_07_04.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t2530_l2y26b:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:hp:designjet_t3500_b9e24a_firmware:aeneas_04_09_06.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t3500_b9e24a:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:hp:designjet_t3500_b9e24b_firmware:aeneas_04_09_06.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t3500_b9e24b:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:hp:designjet_t3500_b9e25a_firmware:aeneas_04_09_06.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_t3500_b9e25a:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:hp:designjet_z6800_f2s72a_firmware:ptr8_03_07_06.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_z6800_f2s72a:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:hp:designjet_z6800_f2s72ar_firmware:ptr8_03_07_06.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_z6800_f2s72ar:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:hp:designjet_z6800_f2s72b_firmware:ptr8_03_07_06.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_z6800_f2s72b:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:hp:designjet_z6600_f2s71a_firmware:ptr6_03_07_06.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_z6600_f2s71a:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:hp:designjet_z6600_f2s71ar_firmware:ptr6_03_07_06.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_z6600_f2s71ar:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:hp:designjet_z6810_2qu12a_firmware:px8_06_05_02.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_z6810_2qu12a:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:hp:designjet_z6810_2qu12b_firmware:px8_06_05_02.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_z6810_2qu12b:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:hp:designjet_z6810_2qu14a_firmware:px8_06_05_02.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_z6810_2qu14a:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:hp:designjet_z6810_2qu14b_firmware:px8_06_05_02.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_z6810_2qu14b:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:hp:designjet_z6610_2qu13b_firmware:px6_06_05_02.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_z6610_2qu13b:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:hp:designjet_z6610_2qu13a_firmware:px6_06_05_02.1:*:*:*:*:*:*:*

cpe:2.3:h:hp:designjet_z6610_2qu13a:-:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2021-27170	Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://support.hp.com/us-en/document/ish_5268198-5268230-16

History

No history.

MITRE

Status: PUBLISHED

Assigner: hp

Published: 2022-01-14T19:11:42

Updated: 2024-08-03T17:09:09.697Z

Reserved: 2021-11-16T00:00:00

Link: CVE-2021-3965

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-01-14T20:15:11.637

Modified: 2024-11-21T06:23:14.930

Link: CVE-2021-3965

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object