8.8
CVE-2023-35176
- EPSS 0.29%
- Veröffentlicht 30.06.2023 16:15:09
- Zuletzt bearbeitet 21.11.2024 08:08:05
- Quelle hp-security-alert@hp.com
- Teams Watchlist Login
- Unerledigt Login
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hp ≫ Laserjet Pro Mfp M478-m479 W1a75a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M478-m479 W1a76a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M478-m479 W1a77a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M478-m479 W1a78a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M478-m479 W1a79a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M478-m479 W1a80a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M478-m479 W1a81a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M478-m479 W1a82a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M453-m454 W1y40a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M453-m454 W1y41a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M453-m454 W1y43a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M453-m454 W1y44a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M453-m454 W1y45a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M453-m454 W1y46a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M453-m454 W1y47a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M304-m305 W1a46a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M304-m305 W1a47a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M304-m305 W1a48a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M304-m305 W1a66a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M404-m405 93m22a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M404-m405 W1a51a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M404-m405 W1a52a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M404-m405 W1a53a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M404-m405 W1a56a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M404-m405 W1a57a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M404-m405 W1a58a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M404-m405 W1a59a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M404-m405 W1a60a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro M404-m405 W1a63a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M428-m429 F W1a29a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M428-m429 F W1a30a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M428-m429 F W1a32a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M428-m429 F W1a34a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M428-m429 F W1a35a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M428-m429 F W1a38a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M428-m429 W1a28a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M428-m429 W1a31a Firmware Version < 002_2322c
Hp ≫ Laserjet Pro Mfp M428-m429 W1a33a Firmware Version < 002_2322c
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.29% | 0.519 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.