Vulnerability Details CVE-2004-2439
The remote upgrade capability in HP LaserJet 4200 and 4300 printers does not require a password, which allows remote attackers to upgrade firmware.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.1%
CVSS Severity
CVSS v2 Score 5.0
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=PSD_HPSBPI01085
- http://securitytracker.com/id?1011671
- http://www.securityfocus.com/bid/11297
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17634
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=PSD_HPSBPI01085
- http://securitytracker.com/id?1011671
- http://www.securityfocus.com/bid/11297
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17634
Products affected by CVE-2004-2439
-
cpe:2.3:h:hp:color_laserjet:4650
-
cpe:2.3:h:hp:color_laserjet:5500
-
cpe:2.3:h:hp:color_laserjet:5550
-
cpe:2.3:h:hp:color_laserjet_4600:-
-
cpe:2.3:h:hp:laserjet_2500:-
-
cpe:2.3:h:hp:laserjet_3000:-
-
cpe:2.3:h:hp:laserjet_3700:-
-
cpe:2.3:h:hp:laserjet_4100_mfp:-
-
cpe:2.3:h:hp:laserjet_4200:-
-
cpe:2.3:h:hp:laserjet_4300:-
-
cpe:2.3:h:hp:laserjet_9000:-
-
cpe:2.3:h:hp:laserjet_9000_mfp:-
-
cpe:2.3:h:hp:laserjet_9040_mpf:-
-
cpe:2.3:h:hp:laserjet_9050:-
-
cpe:2.3:h:hp:laserjet_9050:q7697a
-
cpe:2.3:h:hp:laserjet_9050_mpf:-
-
cpe:2.3:h:hp:laserjet_9055:-
-
cpe:2.3:h:hp:laserjet_9065:-
-
cpe:2.3:h:hp:laserjet_9500:-
-
cpe:2.3:h:hp:laserjet_9500_mpf:-