Description
HP has identified a potential security vulnerability before IG_11_00_00.10 for DesignJet T790, T795, T1300, T2300, before MRY_04_05_00.5 for DesignJet T920, T930, T1500, T1530, T2500, T2530, before AENEAS_03_04_00.9 for DesignJet T3500, before NEXUS_01_12_00.11 for Latex 310, 330, 360, 370, before NEXUS_03_12_00.15 for Latex 315, 335, 365, 375, before STORM_00_05_01.6 for Latex 560, 570 and Latex 110 that may expose the credentials of the SMTP server configured to receive and process emails generated by the printers.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_hp
https://support.hp.com/us-en/document/c05624457
Scores
CVSS v3
7.8
EPSS
0.0014
EPSS Percentile
33.7%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (22)
hp/110_firmware
< nexus_00_04_53.8
hp/310_firmware
< nexus_01_12_00.10
hp/315_firmware
< nexus_03_12_00.14
hp/330_firmware
< nexus_01_12_00.10
hp/335_firmware
< nexus_03_12_00.14
hp/360_firmware
< nexus_01_12_00.10
hp/365_firmware
< nexus_03_12_00.14
hp/370_firmware
< nexus_01_12_00.10
hp/375_firmware
< nexus_03_12_00.14
hp/560_firmware
< storm_00_05_01.5
... and 12 more
Published
Jan 23, 2018
Tracked Since
Feb 18, 2026