Cross Site Request Forgery Vulnerability in HP Printers and MFPs
CVE-2018-5921

8.8HIGH

Key Information:

Vendor: HP
Status: Certain HP Enterprise Printers, HP Pagewide Printers, And Mfp Products
Vendor: CVE Published:; 3 October 2018

What is CVE-2018-5921?

A vulnerability exists in certain HP printers and Multifunction Printers (MFPs) running specific firmware versions that could be exploited via Cross Site Request Forgery (CSRF). This flaw may allow attackers to execute unauthorized actions on behalf of users, potentially leading to an elevation of privileges. Organizations should ensure their devices are updated with the latest firmware to mitigate the risk of exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Certain HP Enterprise Printers, HP PageWide Printers, and MFP Products 2405129_000052 and other firmware versions

References

https://support.hp.com/us-en/document/c05949322

vendor-advisoryx_refsource_HP

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 3, 2018
Vulnerability Reserved
Jan 19, 2018

JSON

HP

What is CVE-2018-5921?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.