CVE-2009-2684
Published Oct 13, 2009
Last updated 6 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL parameter in an Apply action to the support_param.html/config script.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:cm8050_mfp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "009EBEE6-1863-4E6B-BB73-8FB1168AD164"
},
{
"criteria": "cpe:2.3:h:hp:cm8060_mfp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BDC795DF-7811-461F-8F50-60E00C8EBD69"
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_3000n:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2916ED3C-57AF-4DE9-9329-DDA66AD983AF"
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_3600n:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0714BB6-5CB9-42FD-B534-A7BF74F83EF0"
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_3800n:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "388C4301-9BC1-43EB-8C8F-862D5D5916A5"
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4700n:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD166E1F-3A57-4293-AF22-373FB2784FDC"
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4730_mfp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12F0604C-781B-4E69-A88E-C25492CB163C"
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_6040_mfp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8EDAC0E8-889C-4E76-AC6C-B9A6B0D792FC"
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_cm4730_mfp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E646E2D7-7C65-4A6F-8B51-A6119B512837"
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_cp3505:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B67E71C7-6B28-4326-AFC9-8CA09532C286"
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_cp4005n:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5EF8ACEA-FB3F-40EA-81C6-29EF9FCFB302"
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_cp6015:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5994179E-E492-45D8-95F8-790160D9A0BF"
},
{
"criteria": "cpe:2.3:h:hp:ds_9200c:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "341EE50F-0CD3-401A-B429-3B2EFE285036"
},
{
"criteria": "cpe:2.3:h:hp:ds_9250c:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA39BF1D-283E-4049-91C9-B93C93432DA4"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2410:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92DD1DA2-7210-4A7E-BD37-5365935C7BF6"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2420:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2505387C-7739-4EFE-8973-459412727674"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2430n:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7D6F7DE2-1A67-4389-99A9-C6796025E000"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4240:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23DD9E6F-1F64-4643-B8E5-B3CAB5F961B4"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4250n:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF512AA5-F72B-470F-BA53-8EC6851F2F34"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4345_mfp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9ADF801E-6D02-4CDF-AA6F-9F272D341E1C"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4350n:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5ED3264A-7745-4BB7-9D1B-F7D9560788D7"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5200n:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3DFA350C-6631-4474-8FFD-D439234D2D1F"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040_mfp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F5352B3B-71D5-464E-B124-6FFC41F41B32"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040n:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "87632290-99A8-4E9F-9FA5-F497DE690837"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050_mfp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9FDA57B8-2AD5-45EF-9824-E60EBFF71D86"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050n:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38237939-9DE0-4CDE-916B-E0F822975773"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m3027_mfp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE95CC32-07DA-473D-BDAC-347B137E582A"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m3035_mfp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CEC3DE1F-AA79-4FE8-B634-368BDF14C0B9"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m4345x_mfp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7995CEA-25BF-45A1-B166-B4A962FCB5CE"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m5025_mfp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55C69873-A989-4B66-8D28-67A260EC7A4E"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m9040_mpf:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C793A8D-5C58-481A-A253-4704A7EE29CD"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m9050_mpf:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2E6F181F-3AB7-409D-B32F-8B09B6DDA110"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p3005n:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "88D04BDC-9273-4A09-BED4-18E44E99EBCF"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4014:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "222D062D-1F47-4E21-9173-A5AFEEF66482"
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4515:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A71AB74-7F6B-4B0F-8C52-F12187A6788A"
}
],
"operator": "OR"
}
]
}
]