CVE-2023-4694

moderate-risk
Published 2023-12-14

Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when sending a SOAP message to the service on TCP port 3911 that contains a body but no header.

Do I need to act?

-
0.58% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (12)

Officejet Pro 8730 D9L19A Firmware
Officejet Pro 8730 M9L74A Firmware
Officejet Pro 8730 M9L75A Firmware
Officejet Pro 8730 M9L76A Firmware
Officejet Pro 8730 J7A28A Firmware
Officejet Pro 8730 J7A31A Firmware
Officejet Pro 8730 K7S34A Firmware
Officejet Pro 8730 K7S35A Firmware
Officejet Pro 8730 M9L80A Firmware
Officejet Pro 8730 J7A29A Firmware
Officejet Pro 8730 K7S36A Firmware
Officejet Pro 8730 T0G54A Firmware

Affected Vendors

Hp

References (2)

Vendor Advisory https://support.hp.com/us-en/document/ish_9823639-9823677-16/hpsbpi03894
Vendor Advisory https://support.hp.com/us-en/document/ish_9823639-9823677-16/hpsbpi03894
45
/ 100
moderate-risk
Severity 26/34 · High
Exploitability 2/34 · Minimal
Exposure 17/34 · Moderate