4.8 - CVE-2019-6332

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	CVE-2019-6332	First vendor Publication	2020-01-09
Vendor	Cve	Last vendor Modification	2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Overall CVSS Score	4.8
Base Score	4.8	Environmental Score	4.8
impact SubScore	2.7	Temporal Score	4.8
Exploitabality Sub Score	1.7

Attack Vector	Network	Attack Complexity	Low
Privileges Required	High	User Interaction	Required
Scope	Changed	Confidentiality Impact	Low
Integrity Impact	Low	Availability Impact	None
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:S/C:N/I:P/A:N)
Cvss Base Score	3.5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Medium
Cvss Expoit Score	6.8	Authentication	Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

A potential security vulnerability has been identified with certain HP InkJet printers. The vulnerability could be exploited to allow cross-site scripting (XSS). Affected products and versions include: HP DeskJet 2600 All-in-One Printer series model numbers 4UJ28B, V1N01A - V1N08A, Y5H60A - Y5H80A; HP DeskJet Ink Advantage 2600 All-in-One Printer series model numbers V1N02A - V1N02B, Y5Z00A - Y5Z04B; HP DeskJet Ink Advantage 5000 All-in-One Printer series model numbers M2U86A - M2U89B; HP DeskJet Ink Advantage 5200 All-in-One Printer series model numbers M2U76A - M2U78B; HP ENVY 5000 All-in-One Printer series model numbers M2U85A - M2U85B, M2U91A - M2U94B, Z4A54A - Z4A74A; HP ENVY Photo 6200 All-in-One Printer series model numbers K7G18A-K7G26B, K7S21B, Y0K13D - Y0K15A; HP ENVY Photo 7100 All-in-One Printer series model numbers 3XD89A, K7G93A-K7G99A, Z3M37A - Z3M52A; HP ENVY Photo 7800 All-in-One Printer series model numbers K7R96A, K7S00A - K7S10D, Y0G42D - Y0G52B; HP Ink Tank Wireless 410 series model numbers Z4B53A - Z4B55A, Z6Z95A - Z6Z99A, 4DX94A - 4DX95A, 4YF79A, Z7A01A; HP OfficeJet 5200 All-in-One Printer series model numbers M2U75A, M2U81A-M2U84B, Z4B12A - Z4B14A, Z4B27A - Z4B29A; HP Smart Tank Wireless 450 series model numbers Z4B56A, Z6Z96A - Z6Z98A.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6332

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Type	Description	Count
Os	Hp Deskjet 2600 4Uj28B Firmware cpe:2.3:o:hp:deskjet_2600_4uj28b_firmware::::::::	1
Os	Hp Deskjet 2600 V1N01A Firmware cpe:2.3:o:hp:deskjet_2600_v1n01a_firmware:::::::: cpe:2.3:o:hp:deskjet_2600_v1n01a_firmware:-:::::::*	2
Os	Hp Deskjet 2600 V1N08A Firmware cpe:2.3:o:hp:deskjet_2600_v1n08a_firmware:::::::: cpe:2.3:o:hp:deskjet_2600_v1n08a_firmware:-:::::::*	2
Os	Hp Deskjet 2600 Y5H60A Firmware cpe:2.3:o:hp:deskjet_2600_y5h60a_firmware:::::::: cpe:2.3:o:hp:deskjet_2600_y5h60a_firmware:-:::::::*	2
Os	Hp Deskjet 2600 Y5H80A Firmware cpe:2.3:o:hp:deskjet_2600_y5h80a_firmware:::::::: cpe:2.3:o:hp:deskjet_2600_y5h80a_firmware:-:::::::*	2
Os	Hp Deskjet Ink Advantage 2600 V1N02A Firmware cpe:2.3:o:hp:deskjet_ink_advantage_2600_v1n02a_firmware:::::::: cpe:2.3:o:hp:deskjet_ink_advantage_2600_v1n02a_firmware:-:::::::*	2
Os	Hp Deskjet Ink Advantage 2600 V1N02B Firmware cpe:2.3:o:hp:deskjet_ink_advantage_2600_v1n02b_firmware::::::::	1
Os	Hp Deskjet Ink Advantage 2600 Y5Z00A Firmware cpe:2.3:o:hp:deskjet_ink_advantage_2600_y5z00a_firmware:::::::: cpe:2.3:o:hp:deskjet_ink_advantage_2600_y5z00a_firmware:-:::::::*	2
Os	Hp Deskjet Ink Advantage 5000 M2U86A Firmware cpe:2.3:o:hp:deskjet_ink_advantage_5000_m2u86a_firmware::::::::	1
Os	Hp Deskjet Ink Advantage 5000 M2U89B Firmware cpe:2.3:o:hp:deskjet_ink_advantage_5000_m2u89b_firmware::::::::	1
Os	Hp Deskjet Ink Advantage 5200 M2U76A Firmware cpe:2.3:o:hp:deskjet_ink_advantage_5200_m2u76a_firmware::::::::	1
Os	Hp Deskjet Ink Advantage 5200 M2U78B Firmware cpe:2.3:o:hp:deskjet_ink_advantage_5200_m2u78b_firmware::::::::	1
Os	Hp Envy 5000 M2U85A Firmware cpe:2.3:o:hp:envy_5000_m2u85a_firmware::::::::	1
Os	Hp Envy 5000 M2U85B Firmware cpe:2.3:o:hp:envy_5000_m2u85b_firmware::::::::	1
Os	Hp Envy 5000 M2U91A Firmware cpe:2.3:o:hp:envy_5000_m2u91a_firmware::::::::	1
Os	Hp Envy 5000 M2U94B Firmware cpe:2.3:o:hp:envy_5000_m2u94b_firmware::::::::	1
Os	Hp Envy 5000 Z4A54A Firmware cpe:2.3:o:hp:envy_5000_z4a54a_firmware::::::::	1
Os	Hp Envy 5000 Z4A74A Firmware cpe:2.3:o:hp:envy_5000_z4a74a_firmware::::::::	1
Os	Hp Envy Photo 6200 K7G18A Firmware cpe:2.3:o:hp:envy_photo_6200_k7g18a_firmware::::::::	1
Os	Hp Envy Photo 6200 K7G26B Firmware cpe:2.3:o:hp:envy_photo_6200_k7g26b_firmware::::::::	1
Os	Hp Envy Photo 6200 K7S21B Firmware cpe:2.3:o:hp:envy_photo_6200_k7s21b_firmware::::::::	1
Os	Hp Envy Photo 6200 Y0K13D Firmware cpe:2.3:o:hp:envy_photo_6200_y0k13d__firmware::::::::	1
Os	Hp Envy Photo 6200 Y0K15A Firmware cpe:2.3:o:hp:envy_photo_6200_y0k15a_firmware::::::::	1
Os	Hp Envy Photo 7100 3Xd89A Firmware cpe:2.3:o:hp:envy_photo_7100_3xd89a_firmware::::::::	1
Os	Hp Envy Photo 7100 K7G93A Firmware cpe:2.3:o:hp:envy_photo_7100_k7g93a_firmware::::::::	1
Os	Hp Envy Photo 7100 K7G99A Firmware cpe:2.3:o:hp:envy_photo_7100_k7g99a_firmware::::::::	1
Os	Hp Envy Photo 7100 Z3M37A Firmware cpe:2.3:o:hp:envy_photo_7100_z3m37a_firmware::::::::	1
Os	Hp Envy Photo 7100 Z3M52A Firmware cpe:2.3:o:hp:envy_photo_7100_z3m52a_firmware::::::::	1
Os	Hp Envy Photo 7800 K7R96A Firmware cpe:2.3:o:hp:envy_photo_7800_k7r96a_firmware::::::::	1
Os	Hp Envy Photo 7800 K7S00A Firmware cpe:2.3:o:hp:envy_photo_7800_k7s00a_firmware::::::::	1
Os	Hp Envy Photo 7800 K7S10D Firmware cpe:2.3:o:hp:envy_photo_7800_k7s10d_firmware::::::::	1
Os	Hp Envy Photo 7800 Y0G42D Firmware cpe:2.3:o:hp:envy_photo_7800_y0g42d_firmware::::::::	1
Os	Hp Envy Photo 7800 Y0G52B Firmware cpe:2.3:o:hp:envy_photo_7800_y0g52b_firmware::::::::	1
Os	Hp Ink Tank Wireless 410 4Dx94A Firmware cpe:2.3:o:hp:ink_tank_wireless_410_4dx94a_firmware::::::::	1
Os	Hp Ink Tank Wireless 410 4Dx95A Firmware cpe:2.3:o:hp:ink_tank_wireless_410_4dx95a_firmware::::::::	1
Os	Hp Ink Tank Wireless 410 4Yf79A Firmware cpe:2.3:o:hp:ink_tank_wireless_410_4yf79a_firmware::::::::	1
Os	Hp Ink Tank Wireless 410 Z4B53A Firmware cpe:2.3:o:hp:ink_tank_wireless_410_z4b53a_firmware::::::::	1
Os	Hp Ink Tank Wireless 410 Z4B55A Firmware cpe:2.3:o:hp:ink_tank_wireless_410_z4b55a_firmware::::::::	1
Os	Hp Ink Tank Wireless 410 Z6Z95A Firmware cpe:2.3:o:hp:ink_tank_wireless_410_z6z95a_firmware::::::::	1
Os	Hp Ink Tank Wireless 410 Z6Z99A Firmware cpe:2.3:o:hp:ink_tank_wireless_410_z6z99a_firmware::::::::	1
Os	Hp Ink Tank Wireless 410 Z7A01A Firmware cpe:2.3:o:hp:ink_tank_wireless_410_z7a01a_firmware::::::::	1
Os	Hp Officejet 5200 M2U75A Firmware cpe:2.3:o:hp:officejet_5200_m2u75a_firmware::::::::	1
Os	Hp Officejet 5200 M2U81A Firmware cpe:2.3:o:hp:officejet_5200_m2u81a_firmware::::::::	1
Os	Hp Officejet 5200 M2U84B Firmware cpe:2.3:o:hp:officejet_5200_m2u84b_firmware::::::::	1
Os	Hp Officejet 5200 Z4B12A Firmware cpe:2.3:o:hp:officejet_5200_z4b12a_firmware::::::::	1
Os	Hp Officejet 5200 Z4B14A Firmware cpe:2.3:o:hp:officejet_5200_z4b14a_firmware::::::::	1
Os	Hp Officejet 5200 Z4B27A Firmware cpe:2.3:o:hp:officejet_5200_z4b27a_firmware::::::::	1
Os	Hp Officejet 5200 Z4B29A Firmware cpe:2.3:o:hp:officejet_5200_z4b29a_firmware::::::::	1
Os	Hp Smart Tank Wireless 450 Z4B56A Firmware cpe:2.3:o:hp:smart_tank_wireless_450_z4b56a_firmware::::::::	1
Os	Hp Smart Tank Wireless 450 Z6Z96A Firmware cpe:2.3:o:hp:smart_tank_wireless_450_z6z96a_firmware::::::::	1
Os	Hp Smart Tank Wireless 450 Z6Z98A Firmware cpe:2.3:o:hp:smart_tank_wireless_450_z6z98a_firmware::::::::	1

Sources (Detail)

https://support.hp.com/in-en/document/c06428029

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-11-28 13:34:02	Multiple Updates
2023-01-18 01:47:53	Multiple Updates
2020-05-23 02:32:16	First insertion

Type	Count
CWE ID(s)	1
CPE ID(s)	57
Sources(s)	1

4.8 - CVE-2019-6332

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

CPE : Common Platform Enumeration

Sources (Detail)

Alert History

Global Informations

Open Standards

COMPANY

STANDARDS

RECENT POSTS

MENU