Sign-up

ID

VAR-201801-0997


CVE

CVE-2017-2743


TITLE

plural HP Cross-site scripting vulnerability in printer product firmware

Trust: 0.8

sources: JVNDB: JVNDB-2017-012252

DESCRIPTION

HP has identified a potential security vulnerability with HP Enterprise LaserJet Printers and MFPs, HP OfficeJet Enterprise Color Printers and MFP, HP PageWide Color Printers and MPS before 2308214_000901, 2308214_000900, and other firmware versions. The vulnerability could be exploited to perform a cross site scripting (XSS) attack. plural HP Printer product firmware contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. HPColorLaserJetCM4540MFPCC419A and so on are all HP (HP) printer equipment. A cross-site scripting vulnerability exists in several HP products. A remote attacker can exploit this vulnerability to inject arbitrary web scripts or HTML. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks

Trust: 2.52

sources: NVD: CVE-2017-2743 // JVNDB: JVNDB-2017-012252 // CNVD: CNVD-2018-04189 // BID: 102836 // VULMON: CVE-2017-2743

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-04189

AFFECTED PRODUCTS

vendor:hpmodel:e6b68ascope:ltversion:2308214_000908

Trust: 1.0

vendor:hpmodel:d7p71ascope:ltversion:2308214_000928

Trust: 1.0

vendor:hpmodel:c2s11ascope:ltversion:2308214_000906

Trust: 1.0

vendor:hpmodel:g1w40ascope:ltversion:2308214_000923

Trust: 1.0

vendor:hpmodel:cf067ascope:ltversion:2308214_000921

Trust: 1.0

vendor:hpmodel:b5l46ascope:ltversion:2308214_000909

Trust: 1.0

vendor:hpmodel:cz245ascope:ltversion:2308214_000920

Trust: 1.0

vendor:hpmodel:2a71ascope:ltversion:2308214_000911

Trust: 1.0

vendor:hpmodel:ce707ascope:ltversion:2308214_000900

Trust: 1.0

vendor:hpmodel:e6b69ascope:ltversion:2308214_000908

Trust: 1.0

vendor:hpmodel:f2a77ascope:ltversion:2308214_000905

Trust: 1.0

vendor:hpmodel:cf235ascope:ltversion:2308214_000922

Trust: 1.0

vendor:hpmodel:a2w75ascope:ltversion:2308214_000928

Trust: 1.0

vendor:hpmodel:c2s12ascope:ltversion:2308214_000906

Trust: 1.0

vendor:hpmodel:cf082ascope:ltversion:2308214_000927

Trust: 1.0

vendor:hpmodel:cf083ascope:ltversion:2308214_000927

Trust: 1.0

vendor:hpmodel:2a69ascope:ltversion:2308214_000911

Trust: 1.0

vendor:hpmodel:b3g85ascope:ltversion:2308214_000912

Trust: 1.0

vendor:hpmodel:b5l23ascope:ltversion:2308214_000907

Trust: 1.0

vendor:hpmodel:e6b73ascope:ltversion:2308214_000908

Trust: 1.0

vendor:hpmodel:b5l48ascope:ltversion:2308214_000909

Trust: 1.0

vendor:hpmodel:cf066ascope:ltversion:2308214_000921

Trust: 1.0

vendor:hpmodel:e6b67ascope:ltversion:2308214_000908

Trust: 1.0

vendor:hpmodel:cf117ascope:ltversion:2308214_000913

Trust: 1.0

vendor:hpmodel:e6b70ascope:ltversion:2308214_000908

Trust: 1.0

vendor:hpmodel:ce995ascope:ltversion:2308214_000926

Trust: 1.0

vendor:hpmodel:ce994ascope:ltversion:2308214_000926

Trust: 1.0

vendor:hpmodel:2a68ascope:ltversion:2308214_000911

Trust: 1.0

vendor:hpmodel:ce989ascope:ltversion:2308214_000926

Trust: 1.0

vendor:hpmodel:cf236ascope:ltversion:2308214_000922

Trust: 1.0

vendor:hpmodel:ce503ascope:ltversion:2308214_000904

Trust: 1.0

vendor:hpmodel:cz244ascope:ltversion:2308214_000920

Trust: 1.0

vendor:hpmodel:cd645ascope:ltversion:2308214_000925

Trust: 1.0

vendor:hpmodel:cc419ascope:ltversion:2308214_000901

Trust: 1.0

vendor:hpmodel:ce990ascope:ltversion:2308214_000926

Trust: 1.0

vendor:hpmodel:cf238ascope:ltversion:2308214_000922

Trust: 1.0

vendor:hpmodel:ce709ascope:ltversion:2308214_000900

Trust: 1.0

vendor:hpmodel:l3u43ascope:ltversion:2308214_000923

Trust: 1.0

vendor:hpmodel:d3l10ascope:ltversion:2308214_000931

Trust: 1.0

vendor:hpmodel:cf367ascope:ltversion:2308214_000916

Trust: 1.0

vendor:hpmodel:d7p70ascope:ltversion:2308214_000928

Trust: 1.0

vendor:hpmodel:ce738ascope:ltversion:2308214_000904

Trust: 1.0

vendor:hpmodel:l3u44ascope:ltversion:2308214_000910

Trust: 1.0

vendor:hpmodel:g1w39ascope:ltversion:2308214_000923

Trust: 1.0

vendor:hpmodel:e6b71ascope:ltversion:_2308214_000908

Trust: 1.0

vendor:hpmodel:a2w76ascope:ltversion:2308214_000928

Trust: 1.0

vendor:hpmodel:b5l04ascope:ltversion:2308214_000902

Trust: 1.0

vendor:hpmodel:cc522ascope:ltversion:2308214_000932

Trust: 1.0

vendor:hpmodel:cd644ascope:ltversion:2308214_000925

Trust: 1.0

vendor:hpmodel:ce996ascope:ltversion:2308214_000926

Trust: 1.0

vendor:hpmodel:cf068ascope:ltversion:2308214_000921

Trust: 1.0

vendor:hpmodel:b5l47ascope:ltversion:2308214_000909

Trust: 1.0

vendor:hpmodel:b5l26ascope:ltversion:2308214_000907

Trust: 1.0

vendor:hpmodel:g1w41ascope:ltversion:2308214_000923

Trust: 1.0

vendor:hpmodel:f2a76ascope:ltversion:2308214_000905

Trust: 1.0

vendor:hpmodel:g1w46ascope:ltversion:2308214_000910

Trust: 1.0

vendor:hpmodel:g1w46vscope:ltversion:2308214_000910

Trust: 1.0

vendor:hpmodel:cf118ascope:ltversion:2308214_000913

Trust: 1.0

vendor:hpmodel:ce708ascope:ltversion:2308214_000900

Trust: 1.0

vendor:hpmodel:b5l25ascope:ltversion:2308214_000907

Trust: 1.0

vendor:hpmodel:g1w47ascope:ltversion:2308214_000910

Trust: 1.0

vendor:hpmodel:ce993ascope:ltversion:2308214_000926

Trust: 1.0

vendor:hpmodel:d3l08ascope:ltversion:2308214_000931

Trust: 1.0

vendor:hpmodel:d3l09ascope:ltversion:2308214_000931

Trust: 1.0

vendor:hpmodel:ce992ascope:ltversion:2308214_000926

Trust: 1.0

vendor:hpmodel:cc421ascope:ltversion:2308214_000901

Trust: 1.0

vendor:hpmodel:a2w79ascope:ltversion:2308214_000930

Trust: 1.0

vendor:hpmodel:f2a81ascope:ltversion:2308214_000905

Trust: 1.0

vendor:hpmodel:l3u42ascope:ltversion:2308214_000923

Trust: 1.0

vendor:hpmodel:cc524ascope:ltversion:2308214_000932

Trust: 1.0

vendor:hpmodel:cc420ascope:ltversion:2308214_000901

Trust: 1.0

vendor:hpmodel:l2717ascope:ltversion:2308214_000903

Trust: 1.0

vendor:hpmodel:cf081ascope:ltversion:2308214_000927

Trust: 1.0

vendor:hpmodel:cf116ascope:ltversion:2308214_000913

Trust: 1.0

vendor:hpmodel:cd646ascope:ltversion:2308214_000925

Trust: 1.0

vendor:hpmodel:g1w47vscope:ltversion:2308214_000910

Trust: 1.0

vendor:hpmodel:b5l07ascope:ltversion:2308214_000902

Trust: 1.0

vendor:hpmodel:cf069ascope:ltversion:2308214_000921

Trust: 1.0

vendor:hpmodel:b5l05ascope:ltversion:2308214_000902

Trust: 1.0

vendor:hpmodel:e6b72ascope:ltversion:2308214_000908

Trust: 1.0

vendor:hpmodel:b5l24ascope:ltversion:2308214_000907

Trust: 1.0

vendor:hpmodel:cc523ascope:ltversion:2308214_000932

Trust: 1.0

vendor:hpmodel:a2w77ascope:ltversion:2308214_000930

Trust: 1.0

vendor:hpmodel:a2w78ascope:ltversion:2308214_000930

Trust: 1.0

vendor:hpmodel:j7x28ascope:ltversion:_2308214_000912

Trust: 1.0

vendor:hpmodel:ce991ascope:ltversion:2308214_000926

Trust: 1.0

vendor:hpmodel:2a70ascope:ltversion:2308214_000911

Trust: 1.0

vendor:hpmodel:ce504ascope:ltversion:2308214_000904

Trust: 1.0

vendor:hewlett packardmodel:2a68ascope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:a2w76ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:a2w77ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:b3g85ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:b5l04ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:b5l23ascope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:b5l24ascope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:b5l46ascope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:c2s11ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:cc419ascope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:cc522ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:cd644ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:cd646ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:ce503ascope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:ce707ascope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:ce989ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:ce991ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:ce994ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:cf066ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:cf081ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:cf116ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:cf118ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:cf235ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:cf367ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:cz244ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:cz250ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:cz255ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:d3l08ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:e6b67ascope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:e6b69ascope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:e6b72ascope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:f2a76ascope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:g1w40ascope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:g1w46ascope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:j7x28ascope:eqversion:firmware

Trust: 0.8

vendor:hewlett packardmodel:l2717ascope: - version: -

Trust: 0.8

vendor:hpmodel:color laserjet cm4540 mfp cc419a 2308214 000901scope: - version: -

Trust: 0.6

vendor:hpmodel:color laserjet cm4540 mfp cc420a 2308214 000901scope: - version: -

Trust: 0.6

vendor:hpmodel:color laserjet cm4540 mfp cc421a 2308214 000901scope: - version: -

Trust: 0.6

vendor:hpmodel:color laserjet cp5525 ce707a <2308214 000900scope: - version: -

Trust: 0.6

vendor:hpmodel:color laserjet cp5525 ce708a <2308214 000900scope: - version: -

Trust: 0.6

vendor:hpmodel:color laserjet cp5525 ce709a <2308214 000900scope: - version: -

Trust: 0.6

vendor:hpmodel:laserjet enterprise m4555 mfp ce503a <2308214 000904scope: - version: -

Trust: 0.6

vendor:hpmodel:laserjet enterprise m4555 mfp ce504a <2308214 000904scope: - version: -

Trust: 0.6

vendor:hpmodel:laserjet enterprise m4555 mfp ce738a <2308214 000904scope: - version: -

Trust: 0.6

vendor:hpmodel:scanjet enterprise document capture workstation l2717ascope:eqversion:85000

Trust: 0.3

vendor:hpmodel:laserjet enterprise mfp m725 cf069ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:laserjet enterprise mfp m725 cf068ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:laserjet enterprise mfp m725 cf067ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:laserjet enterprise mfp m725 cf066ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:laserjet enterprise m806 cz245ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:laserjet enterprise m806 cz244ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:laserjet enterprise m4555 mfp ce738ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:laserjet enterprise m4555 mfp ce504ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:laserjet enterprise m4555 mfp ce503ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:laserjet enterprise flow mfp m525c cf118ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:laserjet enterprise flow m830z mfp cf367ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:laserjet enterprise color m551 series cf083ascope:eqversion:5000

Trust: 0.3

vendor:hpmodel:laserjet enterprise color m551 series cf082ascope:eqversion:5000

Trust: 0.3

vendor:hpmodel:laserjet enterprise color m551 series cf081ascope:eqversion:5000

Trust: 0.3

vendor:hpmodel:laserjet enterprise color mfp m880 d7p71ascope:eqversion:8000

Trust: 0.3

vendor:hpmodel:laserjet enterprise color mfp m880 d7p70ascope:eqversion:8000

Trust: 0.3

vendor:hpmodel:laserjet enterprise color mfp m880 a2w76ascope:eqversion:8000

Trust: 0.3

vendor:hpmodel:laserjet enterprise color mfp m880 a2w75ascope:eqversion:8000

Trust: 0.3

vendor:hpmodel:laserjet enterprise color m855 a2w79ascope:eqversion:8000

Trust: 0.3

vendor:hpmodel:laserjet enterprise color m855 a2w78ascope:eqversion:8000

Trust: 0.3

vendor:hpmodel:laserjet enterprise color m855 a2w77ascope:eqversion:8000

Trust: 0.3

vendor:hpmodel:laserjet enterprise mfp m525f cf117ascope:eqversion:5000

Trust: 0.3

vendor:hpmodel:laserjet enterprise mfp m525f cf116ascope:eqversion:5000

Trust: 0.3

vendor:hpmodel:laserjet enterprise color mfp m575dn cd645ascope:eqversion:5000

Trust: 0.3

vendor:hpmodel:laserjet enterprise color mfp m575dn cd644ascope:eqversion:5000

Trust: 0.3

vendor:hpmodel:color laserjet enterprise m750 d3l10ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:color laserjet enterprise m750 d3l09ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:color laserjet enterprise m750 d3l08ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:color laserjet cp5525 ce709ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:color laserjet cp5525 ce708ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:color laserjet cp5525 ce707ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:color laserjet cm4540 mfp cc421ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:color laserjet cm4540 mfp cc420ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:color laserjet cm4540 mfp cc419ascope:eqversion:0

Trust: 0.3

vendor:hpmodel:scanjet enterprise document capture workstation l2717a 2308214 000903scope:neversion:8500

Trust: 0.3

vendor:hpmodel:pagewide enterprise color l3u44a 2308214 000910scope:neversion:x556

Trust: 0.3

vendor:hpmodel:pagewide enterprise color g1w47v 2308214 000910scope:neversion:x556

Trust: 0.3

vendor:hpmodel:pagewide enterprise color g1w47a 2308214 000910scope:neversion:x556

Trust: 0.3

vendor:hpmodel:pagewide enterprise color g1w46v 2308214 000910scope:neversion:x556

Trust: 0.3

vendor:hpmodel:pagewide enterprise color g1w46a 2308214 000910scope:neversion:x556

Trust: 0.3

vendor:hpmodel:pagewide enterprise color mfp l3u43a 2308214 000923scope:neversion:x586

Trust: 0.3

vendor:hpmodel:pagewide enterprise color mfp l3u42a 2308214 000923scope:neversion:x586

Trust: 0.3

vendor:hpmodel:pagewide enterprise color mfp g1w41a 2308214 000923scope:neversion:x586

Trust: 0.3

vendor:hpmodel:pagewide enterprise color mfp g1w40a 2308214 000923scope:neversion:x586

Trust: 0.3

vendor:hpmodel:pagewide enterprise color mfp g1w39a 2308214 000923scope:neversion:x586

Trust: 0.3

vendor:hpmodel:officejet enterprise color c2s12a 2308214 000906scope:neversion:x555

Trust: 0.3

vendor:hpmodel:officejet enterprise color c2s11a 2308214 000906scope:neversion:x555

Trust: 0.3

vendor:hpmodel:officejet enterprise color mfp b5l07a 2308214 000902scope:neversion:x585

Trust: 0.3

vendor:hpmodel:officejet enterprise color mfp b5l05a 2308214 000902scope:neversion:x585

Trust: 0.3

vendor:hpmodel:officejet enterprise color mfp b5l04a 2308214 000902scope:neversion:x585

Trust: 0.3

vendor:hpmodel:laserjet enterprise mfp m725 cf069a 2308214 000921scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise mfp m725 cf068a 2308214 000921scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise mfp m725 cf067a 2308214 000921scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise mfp m725 cf066a 2308214 000921scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise mfp m630 j7x28a 2308214 000912scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise m806 cz245a 2308214 000920scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise m806 cz244a 2308214 000920scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise m605 e6b71a 2308214 000908scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise m605 e6b70a 2308214 000908scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise m605 e6b69a 2308214 000908scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise m604 e6b68a 2308214 000908scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise m604 e6b67a 2308214 000908scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise m4555 mfp ce738a 2308214 000904scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise m4555 mfp ce504a 2308214 000904scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise m4555 mfp ce503a 2308214 000904scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise flow mfp m630z b3g85a 2308214 000912scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise flow mfp m525c cf118a 2308214 000913scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise flow m830z mfp cf367a 2308214 000916scope:neversion: -

Trust: 0.3

vendor:hpmodel:laserjet enterprise color m551 series cf083a 2308214 000927scope:neversion:500

Trust: 0.3

vendor:hpmodel:laserjet enterprise color m551 series cf082a 2308214 000927scope:neversion:500

Trust: 0.3

vendor:hpmodel:laserjet enterprise color m551 series cf081a 2308214 000927scope:neversion:500

Trust: 0.3

vendor:hpmodel:laserjet enterprise color mfp m880 d7p71a 2308214 000928scope:neversion:800

Trust: 0.3

vendor:hpmodel:laserjet enterprise color mfp m880 d7p70a 2308214 000928scope:neversion:800

Trust: 0.3

vendor:hpmodel:laserjet enterprise color mfp m880 a2w76a 2308214 000928scope:neversion:800

Trust: 0.3

vendor:hpmodel:laserjet enterprise color mfp m880 a2w75a 2308214 000928scope:neversion:800

Trust: 0.3

vendor:hpmodel:laserjet enterprise color m855 a2w79a 2308214 000930scope:neversion:800

Trust: 0.3

vendor:hpmodel:laserjet enterprise color m855 a2w78a 2308214 000930scope:neversion:800

Trust: 0.3

vendor:hpmodel:laserjet enterprise color m855 a2w77a 2308214 000930scope:neversion:800

Trust: 0.3

vendor:hpmodel:laserjet enterprise m712xh cf238a 2308214 000922scope:neversion:700

Trust: 0.3

vendor:hpmodel:laserjet enterprise m712xh cf236a 2308214 000922scope:neversion:700

Trust: 0.3

vendor:hpmodel:laserjet enterprise m712xh cf235a 2308214 000922scope:neversion:700

Trust: 0.3

vendor:hpmodel:laserjet enterprise color mfp m775 series cc524a 2308214 000932scope:neversion:700

Trust: 0.3

vendor:hpmodel:laserjet enterprise color mfp m775 series cc523a 2308214 000932scope:neversion:700

Trust: 0.3

vendor:hpmodel:laserjet enterprise color mfp m775 series cc522a 2308214 000932scope:neversion:700

Trust: 0.3

vendor:hpmodel:laserjet enterprise m603xh ce996a 2308214 000926scope:neversion:600

Trust: 0.3

vendor:hpmodel:laserjet enterprise m603xh ce995a 2308214 000926scope:neversion:600

Trust: 0.3

vendor:hpmodel:laserjet enterprise m603xh ce994a 2308214 000926scope:neversion:600

Trust: 0.3

vendor:hpmodel:laserjet enterprise m602 ce993a 2308214 000926scope:neversion:600

Trust: 0.3

vendor:hpmodel:laserjet enterprise m602 ce992a 2308214 000926scope:neversion:600

Trust: 0.3

vendor:hpmodel:laserjet enterprise m602 ce991a 2308214 000926scope:neversion:600

Trust: 0.3

vendor:hpmodel:laserjet enterprise m601 ce990a 2308214 000926scope:neversion:600

Trust: 0.3

vendor:hpmodel:laserjet enterprise m601 ce989a 2308214 000926scope:neversion:600

Trust: 0.3

vendor:hpmodel:laserjet enterprise mfp m525f cf117a 2308214 000913scope:neversion:500

Trust: 0.3

vendor:hpmodel:laserjet enterprise mfp m525f cf116a 2308214 000913scope:neversion:500

Trust: 0.3

vendor:hpmodel:laserjet enterprise color mfp m575dn cd645a 2308214 000925scope:neversion:500

Trust: 0.3

vendor:hpmodel:laserjet enterprise color mfp m575dn cd644a 2308214 000925scope:neversion:500

Trust: 0.3

vendor:hpmodel:color laserjet m680 cz251a 2308214 000915scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet m680 cz250a 2308214 000915scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet enterprise mfp m577 b5l48a 2308214 000909scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet enterprise mfp m577 b5l47a 2308214 000909scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet enterprise mfp m577 b5l46a 2308214 000909scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet enterprise m750 d3l10a 2308214 000931scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet enterprise m750 d3l09a 2308214 000931scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet enterprise m750 d3l08a 2308214 000931scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet enterprise m651 cz258a 2308214 000929scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet enterprise m651 cz257a 2308214 000929scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet enterprise m651 cz256a 2308214 000929scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet enterprise m651 cz255a 2308214 000929scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet enterprise m553 b5l26a 2308214 000907scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet enterprise m553 b5l25a 2308214 000907scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet enterprise m553 b5l24a 2308214 000907scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet enterprise m552 b5l23a 2308214 000907scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet cp5525 ce709a 2308214 000900scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet cp5525 ce708a 2308214 000900scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet cp5525 ce707a 2308214 000900scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet cm4540 mfp cc421a 2308214 000901scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet cm4540 mfp cc420a 2308214 000901scope:neversion: -

Trust: 0.3

vendor:hpmodel:color laserjet cm4540 mfp cc419a 2308214 000901scope:neversion: -

Trust: 0.3

sources: CNVD: CNVD-2018-04189 // BID: 102836 // JVNDB: JVNDB-2017-012252 // NVD: CVE-2017-2743

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-2743
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-2743
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2018-04189
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201801-877
value: MEDIUM

Trust: 0.6

VULMON: CVE-2017-2743
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-2743
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-04189
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2017-2743
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.7
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2018-04189 // VULMON: CVE-2017-2743 // JVNDB: JVNDB-2017-012252 // CNNVD: CNNVD-201801-877 // NVD: CVE-2017-2743

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.8

sources: JVNDB: JVNDB-2017-012252 // NVD: CVE-2017-2743

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201801-877

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201801-877

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-012252

PATCH
title:HPSBPI03559url:https://support.hp.com/us-en/document/c05541569
Trust: 0.8
title:Patches for multiple HP product cross-site scripting vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/120055
Trust: 0.6
title:Multiple HP Fixes for product cross-site scripting vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78029
Trust: 0.6
title:HP: HPSBPI03559 rev 1  -  HP Enterprise LaserJet Printers and MFPs, HP OfficeJet Enterprise Color Printers and MFP, HP PageWide Color Printers and MPS, Cross Site Scripting (XSS)url:https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=HPSBPI03559
Trust: 0.1
title:HP: SUPPORT COMMUNICATION- SECURITY BULLETIN
HPSBPI03559 rev 1  -  HP Enterprise LaserJet Printers and MFPs, HP OfficeJet Enterprise Color Printers and MFP, HP PageWide Color Printers and MPS, Cross Site Scripting (XSS)url:https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=bc05e8047932237aeb8d9f20414e0894
Trust: 0.1
title:HP: SUPPORT COMMUNICATION- SECURITY BULLETIN
HPSBPI03559 rev 1  -  HP Enterprise LaserJet Printers and MFPs, HP OfficeJet Enterprise Color Printers and MFP, HP PageWide Color Printers and MPS, Cross Site Scripting (XSS)url:https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=d7d48b64d963669169ce4692038bfbdd
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-04189 // 
            
            
            
            VULMON: CVE-2017-2743 // 
            
            
            
            JVNDB: JVNDB-2017-012252 // 
            
            
            
            CNNVD: CNNVD-201801-877

EXTERNAL IDS
db:NVDid:CVE-2017-2743
Trust: 3.4
db:JVNDBid:JVNDB-2017-012252
Trust: 0.8
db:CNVDid:CNVD-2018-04189
Trust: 0.6
db:CNNVDid:CNNVD-201801-877
Trust: 0.6
db:BIDid:102836
Trust: 0.4
db:VULMONid:CVE-2017-2743
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-04189 // 
            
            
            
            VULMON: CVE-2017-2743 // 
            
            
            
            BID: 102836 // 
            
            
            
            JVNDB: JVNDB-2017-012252 // 
            
            
            
            CNNVD: CNNVD-201801-877 // 
            
            
            
            NVD: CVE-2017-2743

REFERENCES
url:https://support.hp.com/us-en/document/c05541569
Trust: 2.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2743
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-2743
Trust: 0.8
url:http://www.hp.com/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/79.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.securityfocus.com/bid/102836
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-04189 // 
            
            
            
            VULMON: CVE-2017-2743 // 
            
            
            
            BID: 102836 // 
            
            
            
            JVNDB: JVNDB-2017-012252 // 
            
            
            
            CNNVD: CNNVD-201801-877 // 
            
            
            
            NVD: CVE-2017-2743

CREDITS
Jerry Decime
Trust: 0.3
sources:
            
            
            BID: 102836

SOURCES
db:CNVDid:CNVD-2018-04189
db:VULMONid:CVE-2017-2743
db:BIDid:102836
db:JVNDBid:JVNDB-2017-012252
db:CNNVDid:CNNVD-201801-877
db:NVDid:CVE-2017-2743

LAST UPDATE DATE
2024-11-23T22:07:01.545000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-04189date:2018-03-02T00:00:00
db:VULMONid:CVE-2017-2743date:2018-02-13T00:00:00
db:BIDid:102836date:2017-06-15T00:00:00
db:JVNDBid:JVNDB-2017-012252date:2018-03-01T00:00:00
db:CNNVDid:CNNVD-201801-877date:2018-01-24T00:00:00
db:NVDid:CVE-2017-2743date:2024-11-21T03:24:05.877

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-04189date:2018-03-02T00:00:00
db:VULMONid:CVE-2017-2743date:2018-01-23T00:00:00
db:BIDid:102836date:2017-06-15T00:00:00
db:JVNDBid:JVNDB-2017-012252date:2018-03-01T00:00:00
db:CNNVDid:CNNVD-201801-877date:2018-01-24T00:00:00
db:NVDid:CVE-2017-2743date:2018-01-23T16:29:01.087