CVE-2023-26301 (GCVE-0-2023-26301)
Vulnerability from cvelistv5
Published
2023-07-21 16:06
Modified
2024-08-02 11:46
Severity ?
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints.
References
Impacted products
Vendor Product Version
HP Inc. HP LaserJet Pro Version: See HP Security Bulletin reference for affected versions.
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:46:23.942Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.hp.com/us-en/document/ish_8746769-8746795-16/hpsbpi03855"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "HP LaserJet Pro",
          "vendor": "HP Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "See HP Security Bulletin reference for affected versions."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-21T16:06:27.054Z",
        "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
        "shortName": "hp"
      },
      "references": [
        {
          "url": "https://support.hp.com/us-en/document/ish_8746769-8746795-16/hpsbpi03855"
        }
      ],
      "x_generator": {
        "engine": "cveClient/1.0.14"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
    "assignerShortName": "hp",
    "cveId": "CVE-2023-26301",
    "datePublished": "2023-07-21T16:06:27.054Z",
    "dateReserved": "2023-02-21T21:14:33.321Z",
    "dateUpdated": "2024-08-02T11:46:23.942Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-26301\",\"sourceIdentifier\":\"hp-security-alert@hp.com\",\"published\":\"2023-07-21T17:15:10.090\",\"lastModified\":\"2024-11-21T07:51:05.620\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-862\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_4201-4203_4ra87f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"E8C9426B-61E7-40B2-BF42-812194F0E6B7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_4201-4203_4ra87f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"203BBCA0-0378-484A-9CF0-40D24D3333F3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_4201-4203_4ra88f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"DDF9A6CA-B766-45D5-BFA4-31D2568EF429\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_4201-4203_4ra88f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"724B5880-1F1D-421F-841A-60F30890047B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_4201-4203_4ra89a_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"F6FF21B5-CF98-4898-88AF-4FFB4E198EB8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_4201-4203_4ra89a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61792274-0695-4D5E-AE00-8D4C51028256\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_4201-4203_5hh48a_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"5A86EB5F-6155-43DE-945E-059ED13F20A0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_4201-4203_5hh48a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C74AC237-9736-4C3F-9F08-1AB2CEF3B4E4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_4201-4203_5hh51a_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"C298E58A-D415-4949-A52A-08FACD02EE45\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_4201-4203_5hh51a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA571804-094B-46E2-85B0-8D836F3B1BA5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_4201-4203_5hh52a_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"49B2EA8F-42FC-4333-8FE9-C3AFB9F9DD3E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_4201-4203_5hh52a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B246003-485F-4EFA-BF1A-B8D5E5A2A3D2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_4201-4203_5hh53a_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"AC990B4B-E53C-4B28-84F8-44450FB40F53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_4201-4203_5hh53a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBFE8E26-0811-4C77-866D-0F02F9BDF97E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_4201-4203_5hh59a_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"4CEBA7D2-AF17-4EE2-B1F3-A3DA7093254D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_4201-4203_5hh59a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00D66D0A-9C7B-44CE-8966-5AB271C27095\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_4ra80f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"EB01C76F-1BFC-472B-B6D0-B349A35F3446\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_4ra80f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C55EC1B-249D-4BFB-8D67-6D89EFD40353\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_4ra81f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"E1B3E42B-225A-47C2-8090-F756D40885E8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_4ra81f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"712BE206-B380-4546-B8FC-AEB3869C8DB3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_4ra82f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"F6678248-6587-4441-9412-5EF6BB18C8D0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_4ra82f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C42B5079-558B-4A2A-A4D1-B63BDCC13467\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_4ra83f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"BE65F983-0423-4155-836F-1ED15F1B0380\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_4ra83f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"362F5A19-AA44-4BA6-9CD9-C046044D7E78\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_4ra84f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"AFF82D9F-69E6-40B7-BEAC-29C074876DAA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_4ra84f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32106D22-7978-41F5-B139-7DA78475B865\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_5hh64f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"39AEEA62-5FF4-437F-8469-A99CE8E044E3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_5hh64f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EA192E2-B9BF-4909-8160-E2BD4D75E638\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_5hh65a_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"58F8CE0A-EE2E-47F4-AACF-EC3175BBAF6D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_5hh65a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AAFA834-935B-49FA-8BA4-853857E171BE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_5hh66a_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"8B28148B-6918-4956-A6DD-4A038E2A65D0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_5hh66a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D413FC4-C4EE-4C7A-A70E-64892710F1D7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_5hh67a_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"4B8C7A23-A2E8-42AC-BA59-33758881A60B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_5hh67a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69496710-B72E-4845-B16C-779C93B50236\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_5hh72a_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"134C2D77-A199-4239-8A1F-5B41BC06F6FF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_5hh72a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"669FDBEE-6FC5-429B-ABA8-E379C7D5438E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_5hh73a_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.1.12-202306030312\",\"matchCriteriaId\":\"2B0C4834-38A6-4729-8D3D-A6746DA3ADC1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_5hh73a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C92DB95-37EA-4CD5-A66E-D7187379D5A7\"}]}]}],\"references\":[{\"url\":\"https://support.hp.com/us-en/document/ish_8746769-8746795-16/hpsbpi03855\",\"source\":\"hp-security-alert@hp.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.hp.com/us-en/document/ish_8746769-8746795-16/hpsbpi03855\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.