HP has identified a potential security vulnerability before IG_11_00_00.10 for DesignJet T790, T795, T1300, T2300, before MRY_04_05_00.5 for DesignJet T920, T930, T1500, T1530, T2500, T2530, before AENEAS_03_04_00.9 for DesignJet T3500, before NEXUS_01_12_00.11 for Latex 310, 330, 360, 370, before NEXUS_03_12_00.15 for Latex 315, 335, 365, 375, before STORM_00_05_01.6 for Latex 560, 570 and Latex 110 that may expose the credentials of the SMTP server configured to receive and process emails generated by the printers.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00141.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
HP Inc. HP Designjet printers; HP Latex printers affected
Version Status Constraints
fixed in IG_11_00_00.10, MRY_04_05_00.5, and AENEAS_03_04_00.9 affected
NEXUS_01_12_00.11, NEXUS_03_12_00.15, and STORM_00_05_01.6 affected

Configuration 1 [-]

AND
cpe:2.3:o:hp:t790_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:t790:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:hp:t795_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:t795:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:hp:t1300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:t1300:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:hp:t2300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:t2300:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:hp:t920_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:t920:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:hp:t930_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:t930:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:hp:t1500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:t1500:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:hp:t1530_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:t1530:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:hp:t2500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:t2500:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:hp:t2530_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:t2530:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:hp:t3500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:t3500:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:hp:110_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:110:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:hp:310_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:310:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:hp:330_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:330:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:hp:360_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:360:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:hp:370_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:370:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:hp:315_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:315:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:hp:335_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:335:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:hp:365_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:365:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:hp:375_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:375:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:hp:560_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:560:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:hp:570_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:570:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
Hp Subscribe
110 Subscribe
110 Firmware Subscribe
310 Subscribe
310 Firmware Subscribe
315 Subscribe
315 Firmware Subscribe
330 Subscribe
330 Firmware Subscribe
335 Subscribe
335 Firmware Subscribe
360 Subscribe
360 Firmware Subscribe
365 Subscribe
365 Firmware Subscribe
370 Subscribe
370 Firmware Subscribe
375 Subscribe
375 Firmware Subscribe
560 Subscribe
560 Firmware Subscribe
570 Subscribe
570 Firmware Subscribe
T1300 Subscribe
T1300 Firmware Subscribe
T1500 Subscribe
T1500 Firmware Subscribe
T1530 Subscribe
T1530 Firmware Subscribe
T2300 Subscribe
T2300 Firmware Subscribe
T2500 Subscribe
T2500 Firmware Subscribe
T2530 Subscribe
T2530 Firmware Subscribe
T3500 Subscribe
T3500 Firmware Subscribe
T790 Subscribe
T790 Firmware Subscribe
T795 Subscribe
T795 Firmware Subscribe
T920 Subscribe
T920 Firmware Subscribe
T930 Subscribe
T930 Firmware Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2017-11890 HP has identified a potential security vulnerability before IG_11_00_00.10 for DesignJet T790, T795, T1300, T2300, before MRY_04_05_00.5 for DesignJet T920, T930, T1500, T1530, T2500, T2530, before AENEAS_03_04_00.9 for DesignJet T3500, before NEXUS_01_12_00.11 for Latex 310, 330, 360, 370, before NEXUS_03_12_00.15 for Latex 315, 335, 365, 375, before STORM_00_05_01.6 for Latex 560, 570 and Latex 110 that may expose the credentials of the SMTP server configured to receive and process emails generated by the printers.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://support.hp.com/us-en/document/c05624457 cve-icon cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: hp

Published:

Updated: 2024-09-16T17:54:55.858Z

Reserved: 2016-12-01T00:00:00.000Z

Link: CVE-2017-2747

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-01-23T16:29:01.570

Modified: 2024-11-21T03:24:06.410

Link: CVE-2017-2747

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses