9.8
CVE-2019-6327
- EPSS 0.82%
- Published 17.06.2019 16:15:12
- Last modified 21.11.2024 04:46:25
- Source hp-security-alert@hp.com
- Teams watchlist Login
- Open Login
HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an IPP Parser potentially vulnerable to Buffer Overflow.
Data is provided by the National Vulnerability Database (NVD)
Hp ≫ Laserjet Pro M280-m281 T6b80a Firmware Version < 20190419
Hp ≫ Laserjet Pro M280-m281 T6b83a Firmware Version < 20190419
Hp ≫ Laserjet Pro M280-m281 T6b81a Firmware Version < 20190419
Hp ≫ Laserjet Pro M280-m281 T6b82a Firmware Version < 20190419
Hp ≫ Laserjet Pro Mfp M28-m31 W2g54a Firmware Version < 20190426
Hp ≫ Laserjet Pro Mfp M28-m31 W2g55a Firmware Version < 20190426
Hp ≫ Laserjet Pro Mfp M28-m31 Y5s53a Firmware Version < 20190426
Hp ≫ Laserjet Pro Mfp M28-m31 Y5s55a Firmware Version < 20190426
Hp ≫ Laserjet Pro Mfp M28-m31 Y5s50a Firmware Version < 20190426
Hp ≫ Laserjet Pro Mfp M28-m31 Y5s54a Firmware Version < 20190426
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.82% | 0.72 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.