fkie_cve-2011-4161
Vulnerability from fkie_nvd
Published
2011-12-01 21:55
Modified
2024-11-21 01:31
Severity ?
Summary
The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:hp:color_laserjet_3000:*:*:*:*:*:*:*:*", matchCriteriaId: "2D7A20B7-2150-451C-A552-B1C6AE738B84", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_3800:*:*:*:*:*:*:*:*", matchCriteriaId: "FBE90FAC-3E5E-482B-B948-2C973E0861AA", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_4700:*:*:*:*:*:*:*:*", matchCriteriaId: "627B437F-2941-4689-A3D0-E0037D9CB053", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_4730:mfp:*:*:*:*:*:*:*", matchCriteriaId: "1E6F162B-7175-452D-8D50-AC0FB87FBBAE", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_4730_mfp:*:*:*:*:*:*:*:*", matchCriteriaId: "12F0604C-781B-4E69-A88E-C25492CB163C", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_5550:*:*:*:*:*:*:*:*", matchCriteriaId: "1218222B-AC9B-430D-8948-D72F72293B38", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_9500:*:*:*:*:*:*:*:*", matchCriteriaId: "7C77E2D0-34F7-4940-AC33-47E405006890", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_cm3530:*:*:*:*:*:*:*:*", matchCriteriaId: "AE23783E-399C-431E-802D-68D496913A44", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_cm4540:mfp:*:*:*:*:*:*:*", matchCriteriaId: "A0221E32-2EA3-4652-AFEB-0F55B9D6F7BF", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_cm4730:mfp:*:*:*:*:*:*:*", matchCriteriaId: "DFF6E37F-35A2-4EDD-B978-18BC51E1AFED", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_cm6030:*:*:*:*:*:*:*:*", matchCriteriaId: "29A8A052-C159-4257-85A7-9B7EC678AAE9", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_cm6040:*:*:*:*:*:*:*:*", matchCriteriaId: "3B84958A-FB55-44B7-9109-B35DFDDC3DC2", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_cp3505:*:*:*:*:*:*:*:*", matchCriteriaId: "B67E71C7-6B28-4326-AFC9-8CA09532C286", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_cp3525:*:*:*:*:*:*:*:*", matchCriteriaId: "7858A3E0-837A-4A10-9D70-99B751EEF279", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_cp4005:*:*:*:*:*:*:*:*", matchCriteriaId: "FFD2C1D0-86E9-425D-AA7D-0F8413A13166", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_cp5525:*:*:*:*:*:*:*:*", matchCriteriaId: "5DAA6A25-CF6E-44FF-98EB-80CEFFB2EA01", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_cp6015:*:*:*:*:*:*:*:*", matchCriteriaId: "5994179E-E492-45D8-95F8-790160D9A0BF", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_enterprise_cp4520:*:*:*:*:*:*:*:*", matchCriteriaId: "276340C4-D4DB-4260-B424-769AB9E0CB7F", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_laserjet_enterprise_cp4525:*:*:*:*:*:*:*:*", matchCriteriaId: "8652F3C8-D34A-4AE4-B2F0-31D636116F75", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:color_mfp_cm8060:-:-:edgeline:*:*:*:*:*", matchCriteriaId: "E8D50F7A-2290-49A1-AB7B-F1FCD5035599", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:digital_sender_9200c:*:*:*:*:*:*:*:*", matchCriteriaId: "7E0408E2-B242-4697-B784-2B4B6C1EE828", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:digital_sender_9250c:*:*:*:*:*:*:*:*", matchCriteriaId: "1ABAE0CD-0994-4D4D-9D9D-A50898C8C1DC", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_4240:*:*:*:*:*:*:*:*", matchCriteriaId: "23DD9E6F-1F64-4643-B8E5-B3CAB5F961B4", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_4250:*:*:*:*:*:*:*:*", matchCriteriaId: "F315232A-2DBB-4BE6-AB1E-0CCB327E19E8", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_4345_mfp:*:*:*:*:*:*:*:*", matchCriteriaId: "9ADF801E-6D02-4CDF-AA6F-9F272D341E1C", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_4350:*:*:*:*:*:*:*:*", matchCriteriaId: "850BE715-BC0F-4873-9A72-6AED6259FF22", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_5200:*:*:*:*:*:*:*:*", matchCriteriaId: "977F2612-D1DE-4EAD-99ED-CF6FFD1D5B2D", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_9040:*:*:*:*:*:*:*:*", matchCriteriaId: "B2D74F55-65F6-4328-B553-2756A75B777E", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_9050:*:*:*:*:*:*:*:*", matchCriteriaId: "6F1FEDCF-C604-49B3-B748-03BE3193792E", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_enterprise_500_color:m551:*:*:*:*:*:*:*", matchCriteriaId: "DDDB4B85-F5CD-45DC-A5ED-C4C9F4E6FF4A", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_enterprise_600:m601:*:*:*:*:*:*:*", matchCriteriaId: "7C4AF24A-E25B-4A2F-B7B7-67E15AAF9B30", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_enterprise_600:m602:*:*:*:*:*:*:*", matchCriteriaId: "305480EC-1C47-4B8A-8568-7CE4C617A319", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_enterprise_600:m603:*:*:*:*:*:*:*", matchCriteriaId: "0FFE81AF-91B0-40AE-9CF9-3820751AA9D0", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_enterprise_m4555:mfp:*:*:*:*:*:*:*", matchCriteriaId: "1EB666B7-0A2E-4256-BBD0-817617F01425", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_enterprise_p3015:*:*:*:*:*:*:*:*", matchCriteriaId: "ECEABADC-F719-48BF-9C28-92E09A506681", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_m3035:*:*:*:*:*:*:*:*", matchCriteriaId: "8B2A2D06-9C06-4001-B3ED-85C28846C8A9", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_m5035:*:*:*:*:*:*:*:*", matchCriteriaId: "C7FD4993-FD92-4D35-AD8D-099B76436CEE", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_m9040:*:*:*:*:*:*:*:*", matchCriteriaId: "029D54F1-1849-45AB-9DD4-7768197516B2", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_m9050:*:*:*:*:*:*:*:*", matchCriteriaId: "45B98C71-FF30-44D9-904E-61676C4313F9", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_p3005:*:*:*:*:*:*:*:*", matchCriteriaId: "1BED71C7-C0A7-4934-9930-1EC7C5A96584", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_p4014:*:*:*:*:*:*:*:*", matchCriteriaId: "222D062D-1F47-4E21-9173-A5AFEEF66482", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_p4015:*:*:*:*:*:*:*:*", matchCriteriaId: "6CFBC095-00B6-48D7-AC0A-C172DD3A550B", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:laserjet_p4515:*:*:*:*:*:*:*:*", matchCriteriaId: "9A71AB74-7F6B-4B0F-8C52-F12187A6788A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update.", }, { lang: "es", value: "La configuración por defecto de la impresora HP CM8060 Color MFP con Edgeline, y las impresoras HP Color 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx y Enterprise CPxxxx; las Digital Sender 9200c y 9250c; LaserJet 4xxx, 5200, 90XX, Mxxxx y Pxxxx y LaserJet Enterprise 500 color M551, 600, M4555 MFP, y P3015 permite la actualización remota del firmware (RFU), lo que permite a atacantes remotos ejecutar código de su elección mediante la apertura de una sesión en el puerto TCP 9100 para subir una actualización de firmware diseñada por el atacante.", }, ], id: "CVE-2011-4161", lastModified: "2024-11-21T01:31:57.317", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2011-12-01T21:55:00.707", references: [ { source: "hp-security-alert@hp.com", tags: [ "Vendor Advisory", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03102449", }, { source: "hp-security-alert@hp.com", tags: [ "Vendor Advisory", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03102449", }, { source: "hp-security-alert@hp.com", url: "http://isc.sans.org/diary/Hacking+HP+Printers+for+Fun+and+Profit/12112", }, { source: "hp-security-alert@hp.com", url: "http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say", }, { source: "hp-security-alert@hp.com", url: "http://secunia.com/advisories/47063", }, { source: "hp-security-alert@hp.com", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/717921", }, { source: "hp-security-alert@hp.com", url: "http://www.securityfocus.com/bid/51324", }, { source: "hp-security-alert@hp.com", url: "http://www.securitytracker.com/id?1026357", }, { source: "hp-security-alert@hp.com", url: "https://lists.immunityinc.com/pipermail/dailydave/2011-November/000378.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03102449", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03102449", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://isc.sans.org/diary/Hacking+HP+Printers+for+Fun+and+Profit/12112", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/47063", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/717921", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/51324", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1026357", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.immunityinc.com/pipermail/dailydave/2011-November/000378.html", }, ], sourceIdentifier: "hp-security-alert@hp.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.