Remote Unauthorized Access
Source: HP, HP Product Security Response Team (PSRT)
HP has identified an issue affecting VNC session security within HP Device Manager that could potentially be leveraged to create unauthorized connections.
VULNERABILITY SUMMARY
Reference
|
Base Vector
|
Base Score
|
CVE-2019-18911
|
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
8.1
|
note:Imported certificates must be in PEM format and include the key usage attributes Digital Signature and Key Encipherment and the enhanced key usage attribute must include both Server Authentication and Client Authentication.
PI
|
HP Printing and Imaging
|
HF
|
HP Hardware and Firmware
|
GN
|
HP General Software
|