Vulnerability CVE-2012-5215


Published: 2013-03-09   Modified: 2013-03-15

Description:
Unspecified vulnerability on the HP LaserJet Pro M1212nf, M1213nf, M1214nfh, M1216nfh, M1217nfw, and M1219nf, and HotSpot LaserJet Pro M1218nfs, with firmware before 20130211; LaserJet Pro CP1025nw with firmware before 20130212; and LaserJet Pro P1102w and P1606dn with firmware before 20130213 allows remote attackers to modify data or cause a denial of service via unknown vectors.

Vendor: HP
Product: Laserjet pro cp1025nw 
Version: ce918a; ce914a;
Product: Laserjet pro m1219nf mfp 
Version: ce846a;
Product: Laserjet pro m1213nf mfp 
Version: ce845a;
Product: Laserjet pro m1217nfw multifunction printer 
Version: ce844a;
Product: Laserjet pro m1216nfh multifunction printer 
Version: ce843a;
Product: Laserjet pro m1214nfh mfp 
Version: ce842a;
Product: Laserjet pro m1212nf mfp 
Version: ce841a;
Product: Laserjet pro p1606dn 
Version: ce749a;
Product: Laserjet pro p1102w 
Version: ce658a; ce657a;
Product: Hotspot laserjet pro m1218nfs mfp 
Version: b4k88a;
Product: Laserjet pro cp1025nw firmware 
Version: 201302121;
Product: Laserjet pro p1102w firmware 
Version: 20130212;
Product: Laserjet pro p1606dn firmware 
Version: 20130212;
Product: Laserjet pro m1216nfh multifunction printer firmware 
Version: 20130210;
Product: Laserjet pro m1217nfw multifunction printer firmware 
Version: 20130210;
Product: Laserjet pro m1219nf mfp firmware 
Version: 20130210;
Product: Laserjet pro m1212nf mfp firmware 
Version: 20130210;
Product: Hotspot laserjet pro m1218nfs mfp firmware 
Version: 20130210;
Product: Laserjet pro m1213nf mfp firmware 
Version: 20130210;
Product: Laserjet pro m1214nfh mfp firmware 
Version: 20130210;

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
8.8/10
9.2/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Complete
Complete

 References:
http://www.kb.cert.org/vuls/id/782451
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03684249
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03684249

Related CVE
CVE-2019-11986
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVE-2019-11985
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVE-2019-11984
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVE-2019-11983
A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39.
CVE-2019-11982
A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39.
CVE-2019-11980
A remote code exection vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVE-2019-11979
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
CVE-2019-11978
A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.

Copyright 2019, cxsecurity.com

 

Back to Top