CVE-2019-6332

EPSS 0.24%
Published 09.01.2020 19:15:10
Last modified 21.11.2024 04:46:25
Source hp-security-alert@hp.com
Teams watchlist Login
Open Login

A potential security vulnerability has been identified with certain HP InkJet printers. The vulnerability could be exploited to allow cross-site scripting (XSS). Affected products and versions include: HP DeskJet 2600 All-in-One Printer series model numbers 4UJ28B, V1N01A - V1N08A, Y5H60A - Y5H80A; HP DeskJet Ink Advantage 2600 All-in-One Printer series model numbers V1N02A - V1N02B, Y5Z00A - Y5Z04B; HP DeskJet Ink Advantage 5000 All-in-One Printer series model numbers M2U86A - M2U89B; HP DeskJet Ink Advantage 5200 All-in-One Printer series model numbers M2U76A - M2U78B; HP ENVY 5000 All-in-One Printer series model numbers M2U85A - M2U85B, M2U91A - M2U94B, Z4A54A - Z4A74A; HP ENVY Photo 6200 All-in-One Printer series model numbers K7G18A-K7G26B, K7S21B, Y0K13D - Y0K15A; HP ENVY Photo 7100 All-in-One Printer series model numbers 3XD89A, K7G93A-K7G99A, Z3M37A - Z3M52A; HP ENVY Photo 7800 All-in-One Printer series model numbers K7R96A, K7S00A - K7S10D, Y0G42D - Y0G52B; HP Ink Tank Wireless 410 series model numbers Z4B53A - Z4B55A, Z6Z95A - Z6Z99A, 4DX94A - 4DX95A, 4YF79A, Z7A01A; HP OfficeJet 5200 All-in-One Printer series model numbers M2U75A, M2U81A-M2U84B, Z4B12A - Z4B14A, Z4B27A - Z4B29A; HP Smart Tank Wireless 450 series model numbers Z4B56A, Z6Z96A - Z6Z98A.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Hp ≫ Deskjet 2600 4uj28b Firmware Version < 1923

Hp ≫ Deskjet 2600 4uj28b Version-

Hp ≫ Deskjet 2600 V1n01a Firmware Version < 1923

Hp ≫ Deskjet 2600 V1n01a Version-

Hp ≫ Deskjet 2600 V1n08a Firmware Version < 1923

Hp ≫ Deskjet 2600 V1n08a Version-

Hp ≫ Deskjet 2600 Y5h60a Firmware Version < 1923

Hp ≫ Deskjet 2600 Y5h60a Version-

Hp ≫ Deskjet 2600 Y5h80a Firmware Version < 1923

Hp ≫ Deskjet 2600 Y5h80a Version-

Hp ≫ Deskjet Ink Advantage 2600 V1n02a Firmware Version < 1923

Hp ≫ Deskjet Ink Advantage 2600 V1n02a Version-

Hp ≫ Deskjet Ink Advantage 2600 V1n02b Firmware Version < 1923

Hp ≫ Deskjet Ink Advantage 2600 V1n02b Version-

Hp ≫ Deskjet Ink Advantage 2600 Y5z00a Firmware Version < 1923

Hp ≫ Deskjet Ink Advantage 2600 Y5z00a Version-

Hp ≫ Deskjet Ink Advantage 2600 Y5z04b Firmware Version <= 1923

Hp ≫ Deskjet Ink Advantage 2600 Y5z04b Version-

Hp ≫ Deskjet Ink Advantage 5000 M2u86a Firmware Version < 003.1925a

Hp ≫ Deskjet Ink Advantage 5000 M2u86a Version-

Hp ≫ Deskjet Ink Advantage 5000 M2u89b Firmware Version < 003.1925a

Hp ≫ Deskjet Ink Advantage 5000 M2u89b Version-

Hp ≫ Deskjet Ink Advantage 5200 M2u76a Firmware Version < 003.1925a

Hp ≫ Deskjet Ink Advantage 5200 M2u76a Version-

Hp ≫ Deskjet Ink Advantage 5200 M2u78b Firmware Version < 003.1925a

Hp ≫ Deskjet Ink Advantage 5200 M2u78b Version-

Hp ≫ Envy 5000 M2u85a Firmware Version < 003.1925a

Hp ≫ Envy 5000 M2u85a Version-

Hp ≫ Envy 5000 M2u85b Firmware Version < 003.1925a

Hp ≫ Envy 5000 M2u85b Version-

Hp ≫ Envy 5000 M2u91a Firmware Version < 003.1925a

Hp ≫ Envy 5000 M2u91a Version-

Hp ≫ Envy 5000 M2u94b Firmware Version < 003.1925a

Hp ≫ Envy 5000 M2u94b Version-

Hp ≫ Envy 5000 Z4a54a Firmware Version < 003.1925a

Hp ≫ Envy 5000 Z4a54a Version-

Hp ≫ Envy 5000 Z4a74a Firmware Version < 003.1925a

Hp ≫ Envy 5000 Z4a74a Version-

Hp ≫ Envy Photo 6200 K7g18a Firmware Version < 003.1925a

Hp ≫ Envy Photo 6200 K7g18a Version-

Hp ≫ Envy Photo 6200 K7g26b Firmware Version < 003.1925a

Hp ≫ Envy Photo 6200 K7g26b Version-

Hp ≫ Envy Photo 6200 K7s21b Firmware Version < 003.1925a

Hp ≫ Envy Photo 6200 K7s21b Version-

Hp ≫ Envy Photo 6200 Y0k13d Firmware Version < 003.1925a

Hp ≫ Envy Photo 6200 Y0k13d Version-

Hp ≫ Envy Photo 6200 Y0k15a Firmware Version < 003.1925a

Hp ≫ Envy Photo 6200 Y0k15a Version-

Hp ≫ Envy Photo 7100 3xd89a Firmware Version < 003.1925a

Hp ≫ Envy Photo 7100 3xd89a Version-

Hp ≫ Envy Photo 7100 K7g93a Firmware Version < 003.1925a

Hp ≫ Envy Photo 7100 K7g93a Version-

Hp ≫ Envy Photo 7100 K7g99a Firmware Version < 003.1925a

Hp ≫ Envy Photo 7100 K7g99a Version-

Hp ≫ Envy Photo 7100 Z3m37a Firmware Version < 003.1925a

Hp ≫ Envy Photo 7100 Z3m37a Version-

Hp ≫ Envy Photo 7100 Z3m52a Firmware Version < 003.1925a

Hp ≫ Envy Photo 7100 Z3m52a Version-

Hp ≫ Envy Photo 7800 K7r96a Firmware Version < 003.1925a

Hp ≫ Envy Photo 7800 K7r96a Version-

Hp ≫ Envy Photo 7800 K7s00a Firmware Version < 003.1925a

Hp ≫ Envy Photo 7800 K7s00a Version-

Hp ≫ Envy Photo 7800 K7s10d Firmware Version < 003.1925a

Hp ≫ Envy Photo 7800 K7s10d Version-

Hp ≫ Envy Photo 7800 Y0g42d Firmware Version < 003.1925a

Hp ≫ Envy Photo 7800 Y0g42d Version-

Hp ≫ Envy Photo 7800 Y0g52b Firmware Version < 003.1925a

Hp ≫ Envy Photo 7800 Y0g52b Version-

Hp ≫ Ink Tank Wireless 410 Z4b53a Firmware Version < 1924

Hp ≫ Ink Tank Wireless 410 Z4b53a Version-

Hp ≫ Ink Tank Wireless 410 Z4b55a Firmware Version < 1924

Hp ≫ Ink Tank Wireless 410 Z4b55a Version-

Hp ≫ Ink Tank Wireless 410 Z6z95a Firmware Version < 1924

Hp ≫ Ink Tank Wireless 410 Z6z95a Version-

Hp ≫ Ink Tank Wireless 410 Z6z99a Firmware Version < 1924

Hp ≫ Ink Tank Wireless 410 Z6z99a Version-

Hp ≫ Ink Tank Wireless 410 4dx94a Firmware Version < 1924

Hp ≫ Ink Tank Wireless 410 4dx94a Version-

Hp ≫ Ink Tank Wireless 410 4dx95a Firmware Version < 1924

Hp ≫ Ink Tank Wireless 410 4dx95a Version-

Hp ≫ Ink Tank Wireless 410 4yf79a Firmware Version < 1924

Hp ≫ Ink Tank Wireless 410 4yf79a Version-

Hp ≫ Ink Tank Wireless 410 Z7a01a Firmware Version < 1924

Hp ≫ Ink Tank Wireless 410 Z7a01a Version-

Hp ≫ Officejet 5200 M2u75a Firmware Version < 003.1925a

Hp ≫ Officejet 5200 M2u75a Version-

Hp ≫ Officejet 5200 M2u81a Firmware Version < 003.1925a

Hp ≫ Officejet 5200 M2u81a Version-

Hp ≫ Officejet 5200 M2u84b Firmware Version < 003.1925a

Hp ≫ Officejet 5200 M2u84b Version-

Hp ≫ Officejet 5200 Z4b12a Firmware Version < 003.1925a

Hp ≫ Officejet 5200 Z4b12a Version-

Hp ≫ Officejet 5200 Z4b14a Firmware Version < 003.1925a

Hp ≫ Officejet 5200 Z4b14a Version-

Hp ≫ Officejet 5200 Z4b27a Firmware Version < 003.1925a

Hp ≫ Officejet 5200 Z4b27a Version-

Hp ≫ Officejet 5200 Z4b29a Firmware Version < 003.1925a

Hp ≫ Officejet 5200 Z4b29a Version-

Hp ≫ Smart Tank Wireless 450 Z4b56a Firmware Version < 1924

Hp ≫ Smart Tank Wireless 450 Z4b56a Version-

Hp ≫ Smart Tank Wireless 450 Z6z96a Firmware Version < 1924

Hp ≫ Smart Tank Wireless 450 Z6z96a Version-

Hp ≫ Smart Tank Wireless 450 Z6z98a Firmware Version < 1924

Hp ≫ Smart Tank Wireless 450 Z6z98a Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.24%	0.436

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.8	1.7	2.7	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
nvd@nist.gov	3.5	6.8	2.9	AV:N/AC:M/Au:S/C:N/I:P/A:N

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

https://support.hp.com/in-en/document/c06428029

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-6332

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-6332

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-6332

EUVD