CVE-2021-3965

moderate-risk
Published 2022-01-14

Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews.

Do I need to act?

-
0.26% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (20)

Designjet T920 Cr355A Firmware
Designjet T920 Cr355B Firmware
Designjet T920 Cr354A Firmware
Designjet T930 L2Y22A Firmware
Designjet T930 L2Y22B Firmware
Designjet T930 L2Y21A Firmware
Designjet T930 L2Y21B Firmware
Designjet T1530 L2Y24A Firmware
Designjet T1530 L2Y24B Firmware
Designjet T1530 L2Y23A Firmware
Designjet T2530 L2Y25A Firmware
Designjet T2530 L2Y26A Firmware
Designjet T2530 L2Y26B Firmware
Designjet T3500 B9E24A Firmware
Designjet T3500 B9E24B Firmware
Designjet T3500 B9E25A Firmware
Designjet Z6800 F2S72A Firmware
Designjet Z6800 F2S72Ar Firmware
Designjet Z6800 F2S72B Firmware
Designjet Z6600 F2S71A Firmware

Affected Vendors

Hp

References (2)

Vendor Advisory https://support.hp.com/us-en/document/ish_5268198-5268230-16
Vendor Advisory https://support.hp.com/us-en/document/ish_5268198-5268230-16
49
/ 100
moderate-risk
Severity 26/34 · High
Exploitability 1/34 · Minimal
Exposure 22/34 · High