CVE-2024-5749

moderate-risk

Published 2024-10-15

Certain HP DesignJet products may be vulnerable to credential reflection which allow viewing SMTP server credentials.

Do I need to act?

0.16% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

F9A29A Firmware

F9A29B Firmware

F9A29C Firmware

F9A29D Firmware

F9A29E Firmware

F9A29G Firmware

T5D66A Firmware

F9A30A Firmware

F9A30B Firmware

F9A30C Firmware

F9A30D Firmware

F9A30E Firmware

F9A30G Firmware

1Jl02B Firmware

T5D67A Firmware

Vendor Advisory https://support.hp.com/us-en/document/ish_11428772-11428805-16/hpsbpi03979

/ 100

moderate-risk

Severity 26/34 · High

Exploitability 1/34 · Minimal

Exposure 18/34 · Moderate