Potential exposure of SMTP credentials when configuring HP Designjet and HP Latex printers.
Reported by: Nicodemo Gawronski
HP has identified a potential security vulnerability with some HP Designjet and HP Latex printers that may expose the credentials of the SMTP server configured to receive and process emails generated by the printers.
VULNERABILITY SUMMARY
Reference
|
Base Vector
|
Base Score
|
CVE-2017-0059
|
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
|
6.1
|
Products
|
Firmware name
|
DesignJet T790, T795, T1300, T2300
|
IG_11_00_00.10
|
DesignJet T920, T930, T1500, T1530, T2500, T2530
|
MRY_04_05_00.5
|
DesignJet T3500
|
AENEAS_03_04_00.9
|
Latex 310, 330, 360, 370
|
NEXUS_01_12_00.11
|
Latex 315, 335, 365, 375
|
NEXUS_03_12_00.15
|
Latex 560, 570
|
STORM_00_05_01.6
|
Latex 110
|
Firmware release will be available end of august
|
PI
|
HP Printing and Imaging
|
HF
|
HP Hardware and Firmware
|
GN
|
HP General Software
|