CVE-2011-0279

HP Multifunction Peripheral Digital S... - Authentication Bypass

Title source: rule

Description

HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to require authentication.

References (6)

[Various Sources] http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02738104

[Vendor Advisory] http://secunia.com/advisories/43618

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/65866

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/46679

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1025155

[Third Party Advisory] http://www.vupen.com/english/advisories/2011/0561

Scores

EPSS 0.0008

EPSS Percentile 23.9%

Classification

CWE

CWE-287

Status draft

Affected Products (1)

hp/multifunction_peripheral_digital_sending_software

Timeline

Published Mar 07, 2011

Tracked Since Feb 18, 2026