ID

VAR-200903-0381


CVE

CVE-2009-0940


TITLE

HP LaserJet Printer , HP Edgeline Printer , and HP Digital Sender Run on HP Embedded Web Server (EWS) Multiple cross-site request forgery vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2009-001458

DESCRIPTION

Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config. Multiple HP printers are prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to change a device's configuration and perform other unauthorized actions. This issue affects HP LaserJet M1522n MFP and HP Color LaserJet 2605dtn. Other models in the LaserJet Printer, Edgeline Printer, and Digital Sender lines are also expected to be affected. The embedded WEB server of LaserJet series laser printer accepts the printing request sent on TCP port 9100 by default. If a user is tricked into visiting a website containing malicious code, it may lead to a cross-site request forgery attack and unauthorized changes to the printer network configuration or user password

Trust: 1.98

sources: NVD: CVE-2009-0940 // JVNDB: JVNDB-2009-001458 // BID: 34143 // VULHUB: VHN-38386

AFFECTED PRODUCTS

vendor:hpmodel:laserjet 9050mfpscope:eqversion:20080204_08.110.0

Trust: 1.6

vendor:hpmodel:laserjet 9040mfpscope:eqversion:20080204_08.110.0

Trust: 1.6

vendor:hpmodel:laserjet 1022nwscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 2200dtnscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet m4345 mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:color mfp cm8060scope:eqversion: -

Trust: 1.0

vendor:hpmodel:laserjet 2430scope:eqversion:20070410_08.112.3

Trust: 1.0

vendor:hpmodel:laserjet 2500cscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4200scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p4500scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 5100scope:eqversion:v.29.12

Trust: 1.0

vendor:hpmodel:laserjet 9065scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 2400scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p1009scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1010scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 2410scope:eqversion:20070410_08.112.3

Trust: 1.0

vendor:hpmodel:color laserjet 9500mfpscope:eqversion:20070719_05.011.2

Trust: 1.0

vendor:hpmodel:laserjet p2050scope:eqversion:*

Trust: 1.0

vendor:hpmodel:9100c digital senderscope:eqversion: -

Trust: 1.0

vendor:hpmodel:color laserjet 4600scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4 plus\/m plusscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4m plusscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1012scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 8150scope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 2500nscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 5siscope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 8550scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet iiscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p1500scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 2300scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1320scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4350scope:eqversion:20080319_08.015.0

Trust: 1.0

vendor:hpmodel:color laserjet 4700scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 9500scope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 2500scope:eqversion:*

Trust: 1.0

vendor:hpmodel:8100c digital senderscope:eqversion: -

Trust: 1.0

vendor:hpmodel:laserjet m3035 mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 2600nscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p1008scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet m5025 mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p2015scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4300scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet iidscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p4510scope:eqversion:*

Trust: 1.0

vendor:hpmodel:digital sendersscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p1005scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 5mscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4siscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet iiipscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p2010scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 5000scope:eqversion:r.25.47

Trust: 1.0

vendor:hpmodel:laserjet 9500mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 2500lsescope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet m3027 mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4100mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 2500lscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1022nscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 2000scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 5200scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p2030scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1015scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p1006scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1200scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4240nscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 9000 mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 2500scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 3700scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4345 mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4350dtnscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1160scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1022scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 3000scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet iiisiscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 2100scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4000nscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4l\/mlscope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 4730 mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:edgeline printersscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 5scope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 4600dtnscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1018sscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p1505scope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 9500 mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjetscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p4015scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 2200scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet iiiscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet iipscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 9050 mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 9040scope:eqversion:20080204_08.110.0

Trust: 1.0

vendor:hpmodel:laserjet 2420scope:eqversion:20070410_08.112.3

Trust: 1.0

vendor:hpmodel:laserjet 8150dnscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 5000scope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 4650scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 9040scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4250scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4650dnscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 9050scope:eqversion:20080204_08.110.0

Trust: 1.0

vendor:hpmodel:laserjet 9000mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p2000scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4345mfpscope:eqversion:20081211_09.131.1

Trust: 1.0

vendor:hpmodel:laserjet 9050scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1020 plusscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 5000scope:eqversion:r.25.15

Trust: 1.0

vendor:hpmodel:laserjet 1005scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4100scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet iip plusscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1000scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 5100dtnscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4100 mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1020scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1100scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 5lscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 2600cscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p1505nscope:eqversion:*

Trust: 1.0

vendor:hpmodel:9250c digital senderscope:eqversion: -

Trust: 1.0

vendor:hpmodel:laserjet 2300dnscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4v\/mvscope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 5500scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4000scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1018scope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 5550scope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 1500scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 8100scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 9040mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4250scope:eqversion:20080319_08.015.0

Trust: 1.0

vendor:hpmodel:laserjet 4p\/mpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:color mfp cm8050scope:eqversion: -

Trust: 1.0

vendor:hpmodel:laserjet p4010scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet m1522n mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 4370mfpscope:eqversion:20081211_46.211.2

Trust: 1.0

vendor:hpmodel:color laserjet 2605dtnscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet iiidscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 2430scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 9050mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4200lnscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1150scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 5p\/mpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p3000scope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 4600hdnscope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 4600dnscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 1300scope:eqversion:*

Trust: 1.0

vendor:hpmodel:9200c digital senderscope:eqversion: -

Trust: 1.0

vendor:hpmodel:laserjet 500 plusscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 9055scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet m5035 mfpscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4200dtnscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 2scope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 9500scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p4014scope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 2500tnscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 9000scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4\/4mscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 5\/m\/nscope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p1000scope:eqversion:*

Trust: 1.0

vendor:hpmodel:color laserjet 8500scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p3005scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet p1007scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4050scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 8000scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 5100scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4240scope:eqversion:*

Trust: 1.0

vendor:hpmodel:laserjet 4350scope:eqversion:*

Trust: 1.0

vendor:hewlett packardmodel:hp color laserjetscope:eqversion:1500 printer

Trust: 0.8

vendor:hewlett packardmodel:hp color laserjetscope:eqversion:2500 printer

Trust: 0.8

vendor:hewlett packardmodel:hp color laserjetscope:eqversion:2605 printer

Trust: 0.8

vendor:hewlett packardmodel:hp color laserjetscope:eqversion:4370 printer

Trust: 0.8

vendor:hewlett packardmodel:hp color laserjetscope:eqversion:4600 printer

Trust: 0.8

vendor:hewlett packardmodel:hp color laserjetscope:eqversion:4650 printer

Trust: 0.8

vendor:hewlett packardmodel:hp color laserjetscope:eqversion:4700 printer

Trust: 0.8

vendor:hewlett packardmodel:hp color laserjetscope:eqversion:4730 printer

Trust: 0.8

vendor:hewlett packardmodel:hp color laserjetscope:eqversion:5500 printer

Trust: 0.8

vendor:hewlett packardmodel:hp color laserjetscope:eqversion:5550 printer

Trust: 0.8

vendor:hewlett packardmodel:hp color laserjetscope:eqversion:8500 printer

Trust: 0.8

vendor:hewlett packardmodel:hp color laserjetscope:eqversion:8550 printer

Trust: 0.8

vendor:hewlett packardmodel:hp color laserjetscope:eqversion:9500 printer

Trust: 0.8

vendor:hewlett packardmodel:hp color laserjetscope:eqversion:printer

Trust: 0.8

vendor:hewlett packardmodel:hp color mfp productsscope:eqversion:cm8050

Trust: 0.8

vendor:hewlett packardmodel:hp color mfp productsscope:eqversion:cm8060

Trust: 0.8

vendor:hewlett packardmodel:hp digital senderscope:eqversion:none

Trust: 0.8

vendor:hewlett packardmodel:hp digital senderscope:eqversion:8100

Trust: 0.8

vendor:hewlett packardmodel:hp digital senderscope:eqversion:9100

Trust: 0.8

vendor:hewlett packardmodel:hp digital senderscope:eqversion:9200

Trust: 0.8

vendor:hewlett packardmodel:hp digital senderscope:eqversion:9250

Trust: 0.8

vendor:hewlett packardmodel:hp edgeline printerscope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:1000 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:1005 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:1010 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:1012 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:1015 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:1018 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:1020 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:1022 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:1100 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:1150 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:1160 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:1200 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:1300 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:1320 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:2 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:2000 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:2100 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:2200 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:2300 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:2400 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:2410 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:2430 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:2500 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:2600 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:3 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:3000 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:3700 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:4 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:4000 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:4050 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:4100 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:4200 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:4240 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:4250 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:4300 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:4345 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:4350 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:4650 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:5 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:500 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:5000 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:5100 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:5200 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:8000 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:8100 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:8150 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:9000 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:9040 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:9050 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:9055 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:9065 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:9500 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:m1522 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:m3027 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:m3035 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:m4345 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:m5025 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:m5035 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p1000 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p1005 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p1006 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p1007 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p1008 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p1009 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p1500 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p1505 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p2000 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p2010 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p2015 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p2030 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p2050 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p3000 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p3005 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p4010 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p4014 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p4015 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p4500 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:p4510 printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:printer

Trust: 0.8

vendor:hewlett packardmodel:hp laserjetscope:eqversion:printer series2

Trust: 0.8

vendor:hpmodel:laserjet 9055scope: - version: -

Trust: 0.6

vendor:hpmodel:laserjet m5035 mfpscope: - version: -

Trust: 0.6

vendor:hpmodel:laserjet 9065scope: - version: -

Trust: 0.6

vendor:hpmodel:laserjet m5025 mfpscope: - version: -

Trust: 0.6

vendor:hpmodel:laserjet 9050mfpscope: - version: -

Trust: 0.6

vendor:hpmodel:laserjet 9500scope: - version: -

Trust: 0.6

vendor:hpmodel:laserjet 9050scope: - version: -

Trust: 0.6

vendor:hpmodel:laserjet p2000scope: - version: -

Trust: 0.6

vendor:hpmodel:laserjet m1522n mfpscope:eqversion:0

Trust: 0.3

vendor:hpmodel:embedded web serverscope:eqversion:0

Trust: 0.3

vendor:hpmodel:edgeline printerscope:eqversion:0

Trust: 0.3

vendor:hpmodel:digital senderscope:eqversion:0

Trust: 0.3

vendor:hpmodel:color laserjet 2605dtnscope:eqversion:0

Trust: 0.3

sources: BID: 34143 // JVNDB: JVNDB-2009-001458 // CNNVD: CNNVD-200903-312 // NVD: CVE-2009-0940

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2009-0940
value: MEDIUM

Trust: 1.0

NVD: CVE-2009-0940
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200903-312
value: MEDIUM

Trust: 0.6

VULHUB: VHN-38386
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2009-0940
severity: MEDIUM
baseScore: 5.1
vectorString: AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 4.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-38386
severity: MEDIUM
baseScore: 5.1
vectorString: AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 4.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-38386 // JVNDB: JVNDB-2009-001458 // CNNVD: CNNVD-200903-312 // NVD: CVE-2009-0940

PROBLEMTYPE DATA

problemtype:CWE-352

Trust: 1.9

sources: VULHUB: VHN-38386 // JVNDB: JVNDB-2009-001458 // NVD: CVE-2009-0940

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200903-312

TYPE

cross-site request forgery

Trust: 0.6

sources: CNNVD: CNNVD-200903-312

CONFIGURATIONS

sources: JVNDB: JVNDB-2009-001458

PATCH

title:c01684566url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566

Trust: 0.8

sources: JVNDB: JVNDB-2009-001458

EXTERNAL IDS

db:NVDid:CVE-2009-0940

Trust: 2.5

db:BIDid:34143

Trust: 2.0

db:VUPENid:ADV-2009-0754

Trust: 1.7

db:OSVDBid:52847

Trust: 1.7

db:OSVDBid:52848

Trust: 1.7

db:OSVDBid:52849

Trust: 1.7

db:JVNDBid:JVNDB-2009-001458

Trust: 0.8

db:CNNVDid:CNNVD-200903-312

Trust: 0.7

db:HPid:HPSN-2009-001

Trust: 0.6

db:BUGTRAQid:20090316 HP LASERJET MULTIPLE MODELS WEB MANAGEMENT CSRF VULNERABILITY & INSECURE DEFAULT CONFIGURATION

Trust: 0.6

db:VULHUBid:VHN-38386

Trust: 0.1

sources: VULHUB: VHN-38386 // BID: 34143 // JVNDB: JVNDB-2009-001458 // CNNVD: CNNVD-200903-312 // NVD: CVE-2009-0940

REFERENCES

url:http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01684566

Trust: 2.0

url:http://www.securityfocus.com/bid/34143

Trust: 1.7

url:http://www.louhinetworks.fi/advisory/hp_20090317.txt

Trust: 1.7

url:http://osvdb.org/52847

Trust: 1.7

url:http://osvdb.org/52848

Trust: 1.7

url:http://osvdb.org/52849

Trust: 1.7

url:http://www.vupen.com/english/advisories/2009/0754

Trust: 1.7

url:http://www.securityfocus.com/archive/1/501884/100/0/threaded

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0940

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0940

Trust: 0.8

url:http://www.securityfocus.com/archive/1/archive/1/501884/100/0/threaded

Trust: 0.6

url: http://www.phptoys.com/product/micro-news.html

Trust: 0.3

url:/archive/1/501884

Trust: 0.3

sources: VULHUB: VHN-38386 // BID: 34143 // JVNDB: JVNDB-2009-001458 // CNNVD: CNNVD-200903-312 // NVD: CVE-2009-0940

CREDITS

Henri Lindberg henri.lindberg@louhi.fi

Trust: 0.6

sources: CNNVD: CNNVD-200903-312

SOURCES

db:VULHUBid:VHN-38386
db:BIDid:34143
db:JVNDBid:JVNDB-2009-001458
db:CNNVDid:CNNVD-200903-312
db:NVDid:CVE-2009-0940

LAST UPDATE DATE

2024-11-23T21:48:02.870000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-38386date:2018-10-10T00:00:00
db:BIDid:34143date:2009-03-17T17:16:00
db:JVNDBid:JVNDB-2009-001458date:2009-06-30T00:00:00
db:CNNVDid:CNNVD-200903-312date:2009-04-02T00:00:00
db:NVDid:CVE-2009-0940date:2024-11-21T01:01:17.307

SOURCES RELEASE DATE

db:VULHUBid:VHN-38386date:2009-03-18T00:00:00
db:BIDid:34143date:2009-03-17T00:00:00
db:JVNDBid:JVNDB-2009-001458date:2009-06-30T00:00:00
db:CNNVDid:CNNVD-200903-312date:2009-03-18T00:00:00
db:NVDid:CVE-2009-0940date:2009-03-18T21:00:00.377