Detections
Analytics

HP LaserJet Printers Path Traversal (CVE-2012-5221)

high Tenable OT Security Plugin ID 505356

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

http://www.nessus.org/u?c2e6bc8f

http://www.nessus.org/u?cfa6dd02

Plugin Details

Severity: High

ID: 505356

File Name: tenable_ot_hp_CVE-2012-5221.nasl

Version: 1.1

Type: Remote

Family: Tenable.ot

Published: 5/26/2026

Updated: 5/26/2026

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2012-5221

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: cpe:/h:hp:laserjet_9050, cpe:/h:hp:laserjet_4250, cpe:/h:hp:laserjet_4350, cpe:/h:hp:laserjet_9040, cpe:/h:hp:color_laserjet_cm4730_mfp, cpe:/h:hp:color_laserjet_cp3505, cpe:/h:hp:color_laserjet_cp6015, cpe:/h:hp:laserjet_4240, cpe:/h:hp:laserjet_4345_mfp, cpe:/h:hp:laserjet_5200n, cpe:/h:hp:laserjet_9040_mfp, cpe:/h:hp:laserjet_9050_mfp, cpe:/h:hp:laserjet_m3027_mfp, cpe:/h:hp:laserjet_m3035_mfp, cpe:/h:hp:laserjet_m5025_mfp, cpe:/h:hp:laserjet_p4014, cpe:/h:hp:laserjet_p4515, cpe:/h:hp:color_laserjet_4700, cpe:/h:hp:color_laserjet_5550, cpe:/h:hp:color_laserjet_9500_mfp, cpe:/h:hp:laserjet_m4345_mfp, cpe:/h:hp:laserjet_m5035_mfp, cpe:/h:hp:laserjet_p3005, cpe:/h:hp:laserjet_p4015, cpe:/h:hp:color_laserjet_3000, cpe:/h:hp:color_laserjet_3800, cpe:/h:hp:color_laserjet_cp3525, cpe:/h:hp:color_laserjet_cp4005, cpe:/h:hp:color_laserjet_enterprise_cp4525, cpe:/h:hp:laserjet_enterprise_p3015, cpe:/h:hp:color_laserjet_cm3530_mfp, cpe:/h:hp:laserjet_5200l, cpe:/h:hp:laserjet_m9050_mfp, cpe:/h:hp:color_laserjet_cm6040_mfp, cpe:/h:hp:color_laserjet_cm6030_mfp, cpe:/h:hp:color_laserjet_enterprise_cp4025, cpe:/h:hp:laserjet_m9040_mfp

Required KB Items: Tenable.ot/HP

Patch Publication Date: 4/29/2013

Vulnerability Publication Date: 4/29/2013

Reference Information

CVE: CVE-2012-5221

CWE: 22