1. CVE-Search
  2. CVE-2004-2439
ID CVE-2004-2439
Summary The remote upgrade capability in HP LaserJet 4200 and 4300 printers does not require a password, which allows remote attackers to upgrade firmware.
References
Vulnerable Configurations
  • cpe:2.3:h:hp:color_laserjet:4650:*:*:*:*:*:*:*
    cpe:2.3:h:hp:color_laserjet:4650:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:color_laserjet:5500:*:*:*:*:*:*:*
    cpe:2.3:h:hp:color_laserjet:5500:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:color_laserjet:5550:*:*:*:*:*:*:*
    cpe:2.3:h:hp:color_laserjet:5550:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:color_laserjet_4600:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:color_laserjet_4600:*:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:laserjet_2500:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:laserjet_2500:*:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:laserjet_3000:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:laserjet_3000:*:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:laserjet_3700:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:laserjet_3700:*:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:laserjet_4100_mfp:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:laserjet_4100_mfp:*:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:laserjet_4200:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:laserjet_4200:*:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:laserjet_4300:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:laserjet_4300:*:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:laserjet_9000:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:laserjet_9000:*:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:laserjet_9000_mfp:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:laserjet_9000_mfp:*:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:laserjet_9040_mpf:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:laserjet_9040_mpf:*:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:laserjet_9050:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:laserjet_9050:*:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:laserjet_9050_mpf:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:laserjet_9050_mpf:*:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:laserjet_9055:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:laserjet_9055:*:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:laserjet_9065:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:laserjet_9065:*:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:laserjet_9500:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:laserjet_9500:*:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:laserjet_9500_mpf:*:*:*:*:*:*:*:*
    cpe:2.3:h:hp:laserjet_9500_mpf:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 11-07-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
refmap via4
bid 11297
hp SSRT4840
sectrack 1011671
xf hp-laserjet-firmware-upgrade(17634)
Last major update 11-07-2017 - 01:31
Published 31-12-2004 - 05:00
Last modified 11-07-2017 - 01:31
Back to Top