Vulnerability CVE-2012-5215


Published: 2013-03-09   Modified: 2013-03-15

Description:
Unspecified vulnerability on the HP LaserJet Pro M1212nf, M1213nf, M1214nfh, M1216nfh, M1217nfw, and M1219nf, and HotSpot LaserJet Pro M1218nfs, with firmware before 20130211; LaserJet Pro CP1025nw with firmware before 20130212; and LaserJet Pro P1102w and P1606dn with firmware before 20130213 allows remote attackers to modify data or cause a denial of service via unknown vectors.

Vendor: HP
Product: Laserjet pro cp1025nw 
Version: ce918a; ce914a;
Product: Laserjet pro m1219nf mfp 
Version: ce846a;
Product: Laserjet pro m1213nf mfp 
Version: ce845a;
Product: Laserjet pro m1217nfw multifunction printer 
Version: ce844a;
Product: Laserjet pro m1216nfh multifunction printer 
Version: ce843a;
Product: Laserjet pro m1214nfh mfp 
Version: ce842a;
Product: Laserjet pro m1212nf mfp 
Version: ce841a;
Product: Laserjet pro p1606dn 
Version: ce749a;
Product: Laserjet pro p1102w 
Version: ce658a; ce657a;
Product: Hotspot laserjet pro m1218nfs mfp 
Version: b4k88a;
Product: Laserjet pro cp1025nw firmware 
Version: 201302121;
Product: Laserjet pro p1102w firmware 
Version: 20130212;
Product: Laserjet pro p1606dn firmware 
Version: 20130212;
Product: Laserjet pro m1216nfh multifunction printer firmware 
Version: 20130210;
Product: Laserjet pro m1217nfw multifunction printer firmware 
Version: 20130210;
Product: Laserjet pro m1219nf mfp firmware 
Version: 20130210;
Product: Laserjet pro m1212nf mfp firmware 
Version: 20130210;
Product: Hotspot laserjet pro m1218nfs mfp firmware 
Version: 20130210;
Product: Laserjet pro m1213nf mfp firmware 
Version: 20130210;
Product: Laserjet pro m1214nfh mfp firmware 
Version: 20130210;

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
8.8/10
9.2/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Complete
Complete

 References:
http://www.kb.cert.org/vuls/id/782451
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03684249
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03684249

Related CVE
CVE-2019-5736
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types ...
CVE-2018-18593
Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10...
CVE-2018-7116
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote denial of service via dbman Opcode 10003 'Filename'. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
CVE-2018-7115
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote buffer overflow in dbman.exe opcode 10001 on Windows. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
CVE-2018-7114
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
CVE-2018-7112
The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installe...
CVE-2018-7111
A remote unauthorized access vulnerability was identified in HPE UIoT versions 1.5, 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. Specifically, there is a malfunction identified in some section of the DSM portal and some DSM APIs. The impact of the malfunction is th...
CVE-2018-7076
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) prior to iMC PLAT 7.3 E0605P04.

Copyright 2019, cxsecurity.com

 

Back to Top