CVE-2024-0407

Certain HP Enterprise LaserJet, HP LaserJet Managed Printers – Potential Information Disclosure

CVSS 6.5 MEDIUMEPSS 0.3%

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 6.5EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

20 Feb 2024Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Certain HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to information disclosure, when connections made by the device back to services enabled by some solutions may have been trusted without the appropriate CA certificate in the device's certificate store.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Affected products

HP Inc. · Certain HP Enterprise LaserJet, HP LaserJet Managed Printers

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.hp.com/us-en/document/ish_10174094-10174120-16