7.5

CVE-2025-2268

The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hp6gx09a Firmware Version < 2025-03-24
   Hp6gx09a Version-
Hp6gx09e Firmware Version < 2025-03-24
   Hp6gx09e Version-
Hp9yf91e Firmware Version < 2025-03-24
   Hp9yf91e Version-
Hp9yg02e Firmware Version < 2025-03-24
   Hp9yg02e Version-
Hp9yg05e Firmware Version < 2025-03-24
   Hp9yg05e Version-
Hp6gw71a Firmware Version < 2025-03-24
   Hp6gw71a Version-
Hp6gw99a Firmware Version < 2025-03-24
   Hp6gw99a Version-
Hp6gx00a Firmware Version < 2025-03-24
   Hp6gx00a Version-
Hp6gx03a Firmware Version < 2025-03-24
   Hp6gx03a Version-
Hp6gx04a Firmware Version < 2025-03-24
   Hp6gx04a Version-
Hp6gx05a Firmware Version < 2025-03-24
   Hp6gx05a Version-
Hp6gx06a Firmware Version < 2025-03-24
   Hp6gx06a Version-
Hp9yf88a Firmware Version < 2025-03-24
   Hp9yf88a Version-
Hp9yf89a Firmware Version < 2025-03-24
   Hp9yf89a Version-
Hp9yf90a Firmware Version < 2025-03-24
   Hp9yf90a Version-
Hp9yf91a Firmware Version < 2025-03-24
   Hp9yf91a Version-
Hp9yf92a Firmware Version < 2025-03-24
   Hp9yf92a Version-
Hp9yf94a Firmware Version < 2025-03-24
   Hp9yf94a Version-
Hp9yf95a Firmware Version < 2025-03-24
   Hp9yf95a Version-
Hp9yf96a Firmware Version < 2025-03-24
   Hp9yf96a Version-
Hp9yf97a Firmware Version < 2025-03-24
   Hp9yf97a Version-
Hp9yf98a Firmware Version < 2025-03-24
   Hp9yf98a Version-
Hp9yg02a Firmware Version < 2025-03-24
   Hp9yg02a Version-
Hp9yg05a Firmware Version < 2025-03-24
   Hp9yg05a Version-
Hp9yg08a Firmware Version < 2025-03-24
   Hp9yg08a Version-
Hp9yg09a Firmware Version < 2025-03-24
   Hp9yg09a Version-
Hp9yg10a Firmware Version < 2025-03-24
   Hp9yg10a Version-
Hp9yg11a Firmware Version < 2025-03-24
   Hp9yg11a Version-
Hp1y7d4a Firmware Version < 2025-03-24
   Hp1y7d4a Version-
Hp2a129a Firmware Version < 2025-03-24
   Hp2a129a Version-
Hp2a130a Firmware Version < 2025-03-24
   Hp2a130a Version-
Hp2u589a Firmware Version < 2025-03-24
   Hp2u589a Version-
Hp2u589f Firmware Version < 2025-03-24
   Hp2u589f Version-
Hp7md69a Firmware Version < 2025-03-24
   Hp7md69a Version-
Hp7md70a Firmware Version < 2025-03-24
   Hp7md70a Version-
Hp7md70f Firmware Version < 2025-03-24
   Hp7md70f Version-
Hp7md71a Firmware Version < 2025-03-24
   Hp7md71a Version-
Hp7md72a Firmware Version < 2025-03-24
   Hp7md72a Version-
Hp7md73a Firmware Version < 2025-03-24
   Hp7md73a Version-
Hp7md74a Firmware Version < 2025-03-24
   Hp7md74a Version-
Hp6gw99e Firmware Version < 2025-03-24
   Hp6gw99e Version-
Hp6gx00e Firmware Version < 2025-03-24
   Hp6gx00e Version-
Hp6gx01a Firmware Version < 2025-03-24
   Hp6gx01a Version-
Hp6gx02e Firmware Version < 2025-03-24
   Hp6gx02e Version-
Hp6gx05e Firmware Version < 2025-03-24
   Hp6gx05e Version-
Hp7md75a Firmware Version < 2025-03-24
   Hp7md75a Version-
Hp7md76a Firmware Version < 2025-03-24
   Hp7md76a Version-
Hp2a130e Firmware Version < 2025-03-24
   Hp2a130e Version-
Hp2u589e Firmware Version < 2025-03-24
   Hp2u589e Version-
Hp6hu08a Firmware Version < 2025-03-24
   Hp6hu08a Version-
Hp7md70e Firmware Version < 2025-03-24
   Hp7md70e Version-
Hp7md72e Firmware Version < 2025-03-24
   Hp7md72e Version-
Hp7md74e Firmware Version < 2025-03-24
   Hp7md74e Version-
Hp7md76e Firmware Version < 2025-03-24
   Hp7md76e Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.17% 0.389
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
hp-security-alert@hp.com 6.9 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE-241 Improper Handling of Unexpected Data Type

The product does not handle or incorrectly handles when a particular element is not the expected type, e.g. it expects a digit (0-9) but is provided with a letter (A-Z).