Details of VAR-201906-0402

ID

VAR-201906-0402

CVE

CVE-2019-6327

TITLE

HP Color LaserJet Pro M280-M281 and MFP M28-M31 Multifunction Printer Series buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-005536

DESCRIPTION

HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an IPP Parser potentially vulnerable to Buffer Overflow. HPColorLaserJetProM280-M281MultifunctionPrinterseries and HPLaserJetProMFPM28-M31Printerseries are HP (HP) printer products. A buffer overflow vulnerability exists in versions prior to HPColorLaserJetProM280-M281MultifunctionPrinterseries20190419 and prior versions of HPLaserJetProMFPM28-M31Printerseries20190426. The vulnerability stems from a network system or product that does not properly validate data boundaries when performing operations on memory, causing erroneous read and write operations to be performed on other associated memory locations. An attacker could exploit the vulnerability to cause a buffer overflow or heap overflow. A cross-site scripting vulnerability 2. A cross-site request forgery vulnerability 3. An HTML-injection vulnerability 4. Multiple buffer-overflow vulnerabilities An attacker may leverage these issues to execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, execute arbitrary code within the context o f the affected device

Trust: 2.52

sources: NVD: CVE-2019-6327 // JVNDB: JVNDB-2019-005536 // CNVD: CNVD-2019-23317 // BID: 108828 // VULMON: CVE-2019-6327

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-23317

AFFECTED PRODUCTS

vendor:	hp	model:	laserjet pro m280-m281 t6b81a	scope:	lt	version:	20190419	Trust: 1.0
vendor:	hp	model:	laserjet pro mfp m28-m31 w2g54a	scope:	lt	version:	20190426	Trust: 1.0
vendor:	hp	model:	laserjet pro m280-m281 t6b82a	scope:	lt	version:	20190419	Trust: 1.0
vendor:	hp	model:	laserjet pro mfp m28-m31 y5s53a	scope:	lt	version:	20190426	Trust: 1.0
vendor:	hp	model:	laserjet pro m280-m281 t6b83a	scope:	lt	version:	20190419	Trust: 1.0
vendor:	hp	model:	laserjet pro mfp m28-m31 w2g55a	scope:	lt	version:	20190426	Trust: 1.0
vendor:	hp	model:	laserjet pro mfp m28-m31 y5s55a	scope:	lt	version:	20190426	Trust: 1.0
vendor:	hp	model:	laserjet pro mfp m28-m31 y5s54a	scope:	lt	version:	20190426	Trust: 1.0
vendor:	hp	model:	laserjet pro mfp m28-m31 y5s50a	scope:	lt	version:	20190426	Trust: 1.0
vendor:	hp	model:	laserjet pro m280-m281 t6b80a	scope:	lt	version:	20190419	Trust: 1.0
vendor:	hewlett packard	model:	t6b80a	scope:	-	version:	-	Trust: 0.8
vendor:	hewlett packard	model:	t6b81a	scope:	-	version:	-	Trust: 0.8
vendor:	hewlett packard	model:	t6b82a	scope:	-	version:	-	Trust: 0.8
vendor:	hewlett packard	model:	t6b83a	scope:	-	version:	-	Trust: 0.8
vendor:	hewlett packard	model:	w2g54a	scope:	-	version:	-	Trust: 0.8
vendor:	hewlett packard	model:	w2g55a	scope:	-	version:	-	Trust: 0.8
vendor:	hewlett packard	model:	y5s50a	scope:	-	version:	-	Trust: 0.8
vendor:	hewlett packard	model:	y5s53a	scope:	-	version:	-	Trust: 0.8
vendor:	hewlett packard	model:	y5s54a	scope:	-	version:	-	Trust: 0.8
vendor:	hewlett packard	model:	y5s55a	scope:	-	version:	-	Trust: 0.8
vendor:	hp	model:	color laserjet pro mm multifunction printer series	scope:	lt	version:	20190419	Trust: 0.6
vendor:	hp	model:	laserjet pro mfp mm printer series	scope:	lt	version:	20190426	Trust: 0.6
vendor:	hp	model:	laserjet pro mfp m28-m31 printer	scope:	eq	version:	0	Trust: 0.3
vendor:	hp	model:	color laserjet pro m280-m281 multifunction printer	scope:	eq	version:	0	Trust: 0.3
vendor:	hp	model:	laserjet pro mfp m28-m31 printer	scope:	ne	version:	20190426	Trust: 0.3
vendor:	hp	model:	color laserjet pro m280-m281 multifunction printer	scope:	ne	version:	20190419	Trust: 0.3

sources: CNVD: CNVD-2019-23317 // BID: 108828 // JVNDB: JVNDB-2019-005536 // NVD: CVE-2019-6327

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-6327
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2019-6327
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2019-23317
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201906-653
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2019-6327
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-6327
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2019-23317
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2019-6327
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2019-6327
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2019-23317 // VULMON: CVE-2019-6327 // JVNDB: JVNDB-2019-005536 // CNNVD: CNNVD-201906-653 // NVD: CVE-2019-6327

PROBLEMTYPE DATA

problemtype:	CWE-120	Trust: 1.0
problemtype:	CWE-119	Trust: 0.8

sources: JVNDB: JVNDB-2019-005536 // NVD: CVE-2019-6327

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201906-653

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201906-653

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-005536

PATCH

title:	c06356322	url:	https://support.hp.com/us-en/document/c06356322	Trust: 0.8
title:	Patch for HPColorLaserJetProM280-M281MultifunctionPrinterseries and HPLaserJetProMFPM28-M31Printerseries Buffer Overflow Vulnerability (CNVD-2019-23317)	url:	https://www.cnvd.org.cn/patchInfo/show/169497	Trust: 0.6
title:	HP Color LaserJet Pro M280-M281 Multifunction Printer series and HP LaserJet Pro MFP M28-M31 Printer series Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93862	Trust: 0.6
title:	HP: HPSBPI03619 rev. 1 - Certain HP LaserJet Pro and MFP Printers, Multiple Potential Security Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=HPSBPI03619	Trust: 0.1
title:	HP: SUPPORT COMMUNICATION- SECURITY BULLETIN HPSBPI03619 rev. 2 - Certain HP LaserJet Pro and MFP Printers, Multiple Potential Security Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=ba64aca578c0d92038b9ebc28339506c	Trust: 0.1
title:	HP: SUPPORT COMMUNICATION- SECURITY BULLETIN HPSBPI03619 rev. 2 - Certain HP LaserJet Pro and MFP Printers, Multiple Potential Security Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=cdb96be2e472163f1a304e2ae979d5f4	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/office-printers-hackers-open-door/147083/	Trust: 0.1

sources: CNVD: CNVD-2019-23317 // VULMON: CVE-2019-6327 // JVNDB: JVNDB-2019-005536 // CNNVD: CNNVD-201906-653

EXTERNAL IDS

db:	NVD	id:	CVE-2019-6327	Trust: 3.4
db:	JVNDB	id:	JVNDB-2019-005536	Trust: 0.8
db:	CNVD	id:	CNVD-2019-23317	Trust: 0.6
db:	CNNVD	id:	CNNVD-201906-653	Trust: 0.6
db:	BID	id:	108828	Trust: 0.3
db:	VULMON	id:	CVE-2019-6327	Trust: 0.1

sources: CNVD: CNVD-2019-23317 // VULMON: CVE-2019-6327 // BID: 108828 // JVNDB: JVNDB-2019-005536 // CNNVD: CNNVD-201906-653 // NVD: CVE-2019-6327

REFERENCES

url:	https://support.hp.com/us-en/document/c06356322	Trust: 2.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-6327	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6327	Trust: 0.8
url:	https://vigilance.fr/vulnerability/hp-laserjet-pro-five-vulnerabilities-29557	Trust: 0.6
url:	www.hp.com	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/120.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://threatpost.com/office-printers-hackers-open-door/147083/	Trust: 0.1

sources: CNVD: CNVD-2019-23317 // VULMON: CVE-2019-6327 // BID: 108828 // JVNDB: JVNDB-2019-005536 // CNNVD: CNNVD-201906-653 // NVD: CVE-2019-6327

CREDITS

Mario Rivas and Daniel Romero, NCC Group

Trust: 0.3

sources: BID: 108828

SOURCES

db:	CNVD	id:	CNVD-2019-23317
db:	VULMON	id:	CVE-2019-6327
db:	BID	id:	108828
db:	JVNDB	id:	JVNDB-2019-005536
db:	CNNVD	id:	CNNVD-201906-653
db:	NVD	id:	CVE-2019-6327

LAST UPDATE DATE

2024-11-23T22:06:10.683000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-23317	date:	2019-07-19T00:00:00
db:	VULMON	id:	CVE-2019-6327	date:	2019-10-24T00:00:00
db:	BID	id:	108828	date:	2019-05-31T00:00:00
db:	JVNDB	id:	JVNDB-2019-005536	date:	2019-06-21T00:00:00
db:	CNNVD	id:	CNNVD-201906-653	date:	2019-10-21T00:00:00
db:	NVD	id:	CVE-2019-6327	date:	2024-11-21T04:46:25.067

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-23317	date:	2019-07-18T00:00:00
db:	VULMON	id:	CVE-2019-6327	date:	2019-06-17T00:00:00
db:	BID	id:	108828	date:	2019-05-31T00:00:00
db:	JVNDB	id:	JVNDB-2019-005536	date:	2019-06-21T00:00:00
db:	CNNVD	id:	CNNVD-201906-653	date:	2019-06-17T00:00:00
db:	NVD	id:	CVE-2019-6327	date:	2019-06-17T16:15:12.793