This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Hp First view 2018-01-23
Product C2S12A Firmware Last view 2018-10-03
Version * Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:hp:c2s12a_firmware

Activity : Overall

Related : CVE

  Date Alert Description
8.8 2018-10-03 CVE-2018-5921

A potential security vulnerability has been identified with certain HP printers and MFPs in 2405129_000052 and other firmware versions. This vulnerability is known as Cross Site Request Forgery, and could potentially be exploited remotely to allow elevation of privilege.
9.8 2018-01-23 CVE-2017-2750

Insufficient Solution DLL Signature Validation allows potential execution of arbitrary code in HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP OfficeJet Enterprise printers before 2308937_578479, 2405087_018548, and other firmware versions.
6.1 2018-01-23 CVE-2017-2743

HP has identified a potential security vulnerability with HP Enterprise LaserJet Printers and MFPs, HP OfficeJet Enterprise Color Printers and MFP, HP PageWide Color Printers and MPS before 2308214_000901, 2308214_000900, and other firmware versions. The vulnerability could be exploited to perform a cross site scripting (XSS) attack.

CWE : Common Weakness Enumeration

%idName
33% (1) CWE-352 Cross-Site Request Forgery (CSRF)
33% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
33% (1) CWE-20 Improper Input Validation

Nessus® Vulnerability Scanner

id Description
2017-11-28 Name: The remote printer is affected by a remote code execution vulnerability.
File: hp_laserjet_hpsbpi03569.nasl - Type: ACT_GATHER_INFO
2017-11-28 Name: The remote printer is affected by a remote code execution vulnerability.
File: hp_officejet_hpsbpi03569.nasl - Type: ACT_GATHER_INFO