Admin Password Reset Vulnerability in HP LaserJet and JetDirect Devices
CVE-2001-1040

Currently unrated

Key Information:

Vendor: HP
Status: Jetadmin
Vendor: CVE Published:; 31 August 2001

Summary

The vulnerability in HP LaserJet and potentially other JetDirect devices arises from the devices resetting their admin passwords when powered off. This behavior may allow remote attackers to bypass the password protection and gain unauthorized access to the device, leading to potential misuse and security breaches. Users are advised to maintain physical security and consider network configurations to mitigate risks associated with this flaw.

References

http://www.securityfocus.com/bid/3132

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/201224

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Jan 31, 2002
Vulnerability published
Aug 31, 2001