CVE-2019-6320

Published Jan 9, 2020

Last updated 5 years ago

CVSS high 8.1

Overview

Description: Certain HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration.
Source: hp-security-alert@hp.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.1
Impact score: 5.2
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5.8
Impact score: 4.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-352

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:deskjet_3630_f5s43a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BFBD372D-FCE4-447F-9653-465B0C117365",
            "versionEndExcluding": "swp1fn1912br"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hp:deskjet_3630_f5s43a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "09AAAEF3-3CF8-4F36-BABE-B56131229FFD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:deskjet_3630_f5s57a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C6168C9-D5E5-4F24-A14B-11B80B2622BC",
            "versionEndExcluding": "swp1fn1912br"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hp:deskjet_3630_f5s57a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "93D9144A-FF96-47D6-ACB2-582A4116AC05"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:deskjet_3630_k4t93a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8EDFBAAC-B829-4C8F-A2AC-494661FA490C",
            "versionEndExcluding": "swp1fn1912br"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hp:deskjet_3630_k4t93a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AE9892A4-E8B1-44A9-BAD2-BC5CE98945DD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:deskjet_3630_k4t99c_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13F7E920-0440-479C-9FF4-4227EAD89BA2",
            "versionEndExcluding": "swp1fn1912br"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hp:deskjet_3630_k4t99c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4CAC11A2-4040-4CCE-BFD3-D41335F76288"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:deskjet_3630_k4u00b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D13D5B4B-48AA-4DDA-93BD-DFCAB470669C",
            "versionEndExcluding": "swp1fn1912br"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hp:deskjet_3630_k4u00b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DD6AFF7E-95A6-427E-B34F-BC2C5431732B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:deskjet_3630_k4u03b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D42966CC-8380-4629-8844-634FD4D7A538",
            "versionEndExcluding": "swp1fn1912br"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hp:deskjet_3630_k4u03b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "630AE831-E298-49D9-BACB-840D0DF7D292"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:deskjet_3630_v3f21a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9C504B5-4B1B-4AF9-97D7-552F68886BC5",
            "versionEndExcluding": "swp1fn1912br"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hp:deskjet_3630_v3f21a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "57874890-AB5F-4263-A7B4-F9DC85C62338"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:deskjet_3630_v3f22a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADBD9412-3EBC-4909-AC29-6345B6484D51",
            "versionEndExcluding": "swp1fn1912br"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hp:deskjet_3630_v3f22a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "58D02BB0-D15D-471E-9017-D51C08E7CB92"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References