Remote disclosure of information
A potential vulnerability exists in HP LaserJet Pro MFP Printers, HP Color LaserJet Pro MFP Printers. This is the OpenSSL vulnerability known as "Heartbleed" (CVE-2014-0160) which could be exploited remotely resulting in disclosure of information.
VULNERABILITY SUMMARY
Reference
|
Base Vector
|
Base Score
|
CVE-2014-0160
|
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
|
5.0
|
Product Name
|
Model Number
|
Firmware Revision
|
Product Name
|
Model
|
Firmware Update Version
|
HP LaserJet Pro M435nw Multifunction Printer
|
A3E42A
|
v 20140411 (or higher)
|
HP LaserJet Pro 500 color MFP M570
|
CZ271A, CZ272A
|
v 20140411 (or higher)
|
HP LaserJet Pro M521 Multifunction Printer
|
A8P79A, A8P80A
|
v 20140411 (or higher)
|
HP Color LaserJet Pro MFP M476
|
CF387A, CF386A, CF385A
|
v 20140410 (or higher)
|
HP LaserJet Pro M701/M706 Printer
|
B6S00A, B6S01A, B6S02A
|
v 20140411 (or higher)
|
PI
|
HP Printing and Imaging
|
HF
|
HP Hardware and Firmware
|
GN
|
HP General Software
|