Vulnerability CVE-2009-0941


Published: 2009-03-18   Modified: 2012-02-13

Description:
The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
HP Laserjet multiple models web management CSRF
Henri Lindberg
18.03.2009

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

Vendor: HP
Product: Laserjet 5100 
Version: v.29.12;
Product: Laserjet 5000 
Version: r.25.47; r.25.15;
Product: Color laserjet 4370mfp 
Version: 20081211_46.211.2;
Product: Laserjet 4345mfp 
Version: 20081211_09.131.1;
Product: Laserjet 4350 
Version: 20080319_08.015.0;
Product: Laserjet 4250 
Version: 20080319_08.015.0;
Product: Laserjet 9050 
Version: 20080204_08.110.0;
Product: Laserjet 9050mfp 
Version: 20080204_08.110.0;
Product: Laserjet 9040mfp 
Version: 20080204_08.110.0;
Product: Laserjet 9040 
Version: 20080204_08.110.0;
Product: Color laserjet 9500mfp 
Version: 20070719_05.011.2;
Product: Laserjet 2430 
Version: 20070410_08.112.3;
Product: Laserjet 2420 
Version: 20070410_08.112.3;
Product: Laserjet 2410 
Version: 20070410_08.112.3;
Product: Laserjet 4000n 
Product: Laserjet 5m 
Product: Laserjet m5035 mfp 
Product: Color laserjet 1500 
Product: Laserjet 1018s 
Product: Laserjet 3000 
Product: Laserjet 500 plus 
Product: Laserjet m1522n mfp 
Product: Laserjet 1005 
Product: Laserjet 4v/mv 
Product: Laserjet iiid 
Product: Laserjet 2300 
Product: Laserjet 4 plus/m plus 
Product: Laserjet 9500 
Product: Laserjet p4010 
Product: Color laserjet 8500 
Product: Laserjet 2 
Product: Laserjet 4345 mfp 
Product: Laserjet p2015 
Product: Color laserjet 4650 
Product: Laserjet 1150 
Product: Laserjet 4200ln 
Product: Laserjet 9000 
Product: Laserjet p1500 
Product: Laserjet 4100 
Product: Laserjet 5si 
Product: Laserjet p1005 
Product: Color laserjet 2500l 
Product: Laserjet 1020 plus 
Product: Laserjet 4 
Product: Laserjet 5100dtn 
Product: Laserjet m3035 mfp 
Product: Laserjet 1012 
Product: Laserjet 2500c 
Product: Laserjet 5/m/n 
Product: Laserjet iiisi 
Product: Digital senders 
Product: Laserjet 2400 
Product: Laserjet 4m plus 
Product: Laserjet ii 
Product: Laserjet p4015 
Product: Color laserjet 9500 
Product: Laserjet 2100 
Product: Laserjet p2050 
Product: Color laserjet 4730 mfp 
Product: Laserjet 1200 
Product: Laserjet 4240n 
Product: Laserjet 9000mfp 
Product: Laserjet p1505n 
Product: Color laserjet 4600dn 
Product: Laserjet 1022n 
Product: Laserjet 4100mfp 
Product: Laserjet 8100 
Product: Laserjet p1007 
Product: Color laserjet 2500n 
Product: Laserjet 4000 
Product: Laserjet 5l 
Product: Laserjet m5025 mfp 
Product: Color laserjet 
Product: Laserjet 1018 
Product: Laserjet 2600n 
Product: Laserjet iip plus 
Product: Laserjet 1000 
Product: Laserjet 4si 
Product: Laserjet iii 
Product: Laserjet p4510 
Product: Laserjet 2200dtn 
Product: Laserjet 4650dn 
Product: Laserjet 9065 
Product: Laserjet p3005 
Product: Color laserjet 5550 
Product: Laserjet 1320 
Product: Laserjet 4300 
Product: Laserjet p2010 
Product: Color laserjet 4600hdn 
Product: Laserjet 1100 
Product: Laserjet 4200dtn 
Product: Laserjet 8150dn 
Product: Laserjet p1009 
Product: Color laserjet 2605dtn 
Product: Laserjet 4050 
Product: Laserjet 5p/mp 
Product: Laserjet p1000 
Product: Color laserjet 2500 
Product: Laserjet 1020 

CVSS2 => (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.6/10
10/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566
http://www.louhinetworks.fi/advisory/HP_20090317.txt
http://www.securityfocus.com/archive/1/501884/100/0/threaded
http://www.vupen.com/english/advisories/2009/0754

Related CVE
CVE-2019-5736
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types ...
CVE-2018-18593
Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10...
CVE-2018-7116
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote denial of service via dbman Opcode 10003 'Filename'. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
CVE-2018-7115
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote buffer overflow in dbman.exe opcode 10001 on Windows. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
CVE-2018-7114
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
CVE-2018-7112
The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installe...
CVE-2018-7111
A remote unauthorized access vulnerability was identified in HPE UIoT versions 1.5, 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. Specifically, there is a malfunction identified in some section of the DSM portal and some DSM APIs. The impact of the malfunction is th...
CVE-2018-7076
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) prior to iMC PLAT 7.3 E0605P04.

Copyright 2019, cxsecurity.com

 

Back to Top