HP LaserJet Pro Printers Unauthorized Data Access (April 2013)

Medium Nessus Plugin ID 66358

Synopsis

The remote printer is potentially affected by an unauthorized data access vulnerability.

Description

The remote HP printer is potentially affected by an unauthorized data access vulnerability. By exploiting this flaw, a remote, unauthenticated attacker could gain access to sensitive information.

Solution

Update the printer's firmware or disable file system access via the Postscript interface.

See Also

http://www.nessus.org/u?69735802

https://www.securityfocus.com/archive/1/531265/30/0/threaded

Plugin Details

Severity: Medium

ID: 66358

File Name: hp_laserjetpro_data_access2.nbin

Version: 1.48

Type: remote

Family: Misc.

Published: 2013/05/09

Updated: 2019/11/27

Dependencies: 36128, 58184

Risk Information

Risk Factor: Medium

CVSS Score Source: CVE-2012-5221

CVSS v2.0

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/04/25

Vulnerability Publication Date: 2013/04/25

Reference Information

CVE: CVE-2012-5221

BID: 59511

IAVB: 2013-B-0043