fkie_cve-2023-26301
Vulnerability from fkie_nvd
Published
2023-07-21 17:15
Modified
2024-11-21 07:51
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints.
References
hp-security-alert@hp.comhttps://support.hp.com/us-en/document/ish_8746769-8746795-16/hpsbpi03855Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.hp.com/us-en/document/ish_8746769-8746795-16/hpsbpi03855Vendor Advisory
Impacted products
Vendor Product Version
hp color_laserjet_pro_4201-4203_4ra87f_firmware *
hp color_laserjet_pro_4201-4203_4ra87f -
hp color_laserjet_pro_4201-4203_4ra88f_firmware *
hp color_laserjet_pro_4201-4203_4ra88f -
hp color_laserjet_pro_4201-4203_4ra89a_firmware *
hp color_laserjet_pro_4201-4203_4ra89a -
hp color_laserjet_pro_4201-4203_5hh48a_firmware *
hp color_laserjet_pro_4201-4203_5hh48a -
hp color_laserjet_pro_4201-4203_5hh51a_firmware *
hp color_laserjet_pro_4201-4203_5hh51a -
hp color_laserjet_pro_4201-4203_5hh52a_firmware *
hp color_laserjet_pro_4201-4203_5hh52a -
hp color_laserjet_pro_4201-4203_5hh53a_firmware *
hp color_laserjet_pro_4201-4203_5hh53a -
hp color_laserjet_pro_4201-4203_5hh59a_firmware *
hp color_laserjet_pro_4201-4203_5hh59a -
hp color_laserjet_pro_mfp_4301-4303_4ra80f_firmware *
hp color_laserjet_pro_mfp_4301-4303_4ra80f -
hp color_laserjet_pro_mfp_4301-4303_4ra81f_firmware *
hp color_laserjet_pro_mfp_4301-4303_4ra81f -
hp color_laserjet_pro_mfp_4301-4303_4ra82f_firmware *
hp color_laserjet_pro_mfp_4301-4303_4ra82f -
hp color_laserjet_pro_mfp_4301-4303_4ra83f_firmware *
hp color_laserjet_pro_mfp_4301-4303_4ra83f -
hp color_laserjet_pro_mfp_4301-4303_4ra84f_firmware *
hp color_laserjet_pro_mfp_4301-4303_4ra84f -
hp color_laserjet_pro_mfp_4301-4303_5hh64f_firmware *
hp color_laserjet_pro_mfp_4301-4303_5hh64f -
hp color_laserjet_pro_mfp_4301-4303_5hh65a_firmware *
hp color_laserjet_pro_mfp_4301-4303_5hh65a -
hp color_laserjet_pro_mfp_4301-4303_5hh66a_firmware *
hp color_laserjet_pro_mfp_4301-4303_5hh66a -
hp color_laserjet_pro_mfp_4301-4303_5hh67a_firmware *
hp color_laserjet_pro_mfp_4301-4303_5hh67a -
hp color_laserjet_pro_mfp_4301-4303_5hh72a_firmware *
hp color_laserjet_pro_mfp_4301-4303_5hh72a -
hp color_laserjet_pro_mfp_4301-4303_5hh73a_firmware *
hp color_laserjet_pro_mfp_4301-4303_5hh73a -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_4201-4203_4ra87f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8C9426B-61E7-40B2-BF42-812194F0E6B7",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_4201-4203_4ra87f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "203BBCA0-0378-484A-9CF0-40D24D3333F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_4201-4203_4ra88f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDF9A6CA-B766-45D5-BFA4-31D2568EF429",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_4201-4203_4ra88f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "724B5880-1F1D-421F-841A-60F30890047B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_4201-4203_4ra89a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6FF21B5-CF98-4898-88AF-4FFB4E198EB8",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_4201-4203_4ra89a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61792274-0695-4D5E-AE00-8D4C51028256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_4201-4203_5hh48a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A86EB5F-6155-43DE-945E-059ED13F20A0",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_4201-4203_5hh48a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C74AC237-9736-4C3F-9F08-1AB2CEF3B4E4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_4201-4203_5hh51a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C298E58A-D415-4949-A52A-08FACD02EE45",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_4201-4203_5hh51a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA571804-094B-46E2-85B0-8D836F3B1BA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_4201-4203_5hh52a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49B2EA8F-42FC-4333-8FE9-C3AFB9F9DD3E",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_4201-4203_5hh52a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B246003-485F-4EFA-BF1A-B8D5E5A2A3D2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_4201-4203_5hh53a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC990B4B-E53C-4B28-84F8-44450FB40F53",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_4201-4203_5hh53a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBFE8E26-0811-4C77-866D-0F02F9BDF97E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_4201-4203_5hh59a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CEBA7D2-AF17-4EE2-B1F3-A3DA7093254D",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_4201-4203_5hh59a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00D66D0A-9C7B-44CE-8966-5AB271C27095",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_4ra80f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB01C76F-1BFC-472B-B6D0-B349A35F3446",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_4ra80f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C55EC1B-249D-4BFB-8D67-6D89EFD40353",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_4ra81f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B3E42B-225A-47C2-8090-F756D40885E8",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_4ra81f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "712BE206-B380-4546-B8FC-AEB3869C8DB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_4ra82f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6678248-6587-4441-9412-5EF6BB18C8D0",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_4ra82f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C42B5079-558B-4A2A-A4D1-B63BDCC13467",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_4ra83f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE65F983-0423-4155-836F-1ED15F1B0380",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_4ra83f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "362F5A19-AA44-4BA6-9CD9-C046044D7E78",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_4ra84f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFF82D9F-69E6-40B7-BEAC-29C074876DAA",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_4ra84f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32106D22-7978-41F5-B139-7DA78475B865",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_5hh64f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "39AEEA62-5FF4-437F-8469-A99CE8E044E3",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_5hh64f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA192E2-B9BF-4909-8160-E2BD4D75E638",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_5hh65a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "58F8CE0A-EE2E-47F4-AACF-EC3175BBAF6D",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_5hh65a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AAFA834-935B-49FA-8BA4-853857E171BE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_5hh66a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B28148B-6918-4956-A6DD-4A038E2A65D0",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_5hh66a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D413FC4-C4EE-4C7A-A70E-64892710F1D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_5hh67a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B8C7A23-A2E8-42AC-BA59-33758881A60B",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_5hh67a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69496710-B72E-4845-B16C-779C93B50236",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_5hh72a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "134C2D77-A199-4239-8A1F-5B41BC06F6FF",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_5hh72a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "669FDBEE-6FC5-429B-ABA8-E379C7D5438E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:color_laserjet_pro_mfp_4301-4303_5hh73a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B0C4834-38A6-4729-8D3D-A6746DA3ADC1",
              "versionEndExcluding": "6.12.1.12-202306030312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:hp:color_laserjet_pro_mfp_4301-4303_5hh73a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C92DB95-37EA-4CD5-A66E-D7187379D5A7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints."
    }
  ],
  "id": "CVE-2023-26301",
  "lastModified": "2024-11-21T07:51:05.620",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-07-21T17:15:10.090",
  "references": [
    {
      "source": "hp-security-alert@hp.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.hp.com/us-en/document/ish_8746769-8746795-16/hpsbpi03855"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.hp.com/us-en/document/ish_8746769-8746795-16/hpsbpi03855"
    }
  ],
  "sourceIdentifier": "hp-security-alert@hp.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.