Account Lockout Bypass Vulnerability in HP Printers and All-in-Ones
CVE-2019-18917

6.5MEDIUM

Key Information:

Vendor: HP
Status: HP Envy 5000 All-in-one Printer Series (m2u85a - M2u85b, M2u91a - M2u94b, Z4a54a - Z4a74a); HP Deskjet Ink Advantage 5000 All-in-one Printer Series (m2u86a - M2u89b)
Vendor: CVE Published:; 16 March 2020

What is CVE-2019-18917?

A potential security vulnerability has been identified in specific HP Printers and All-in-Ones that allows an attacker to bypass the account lockout mechanism. This could enable unauthorized access to printer settings and user accounts, posing significant risks to information security. Organizations using affected devices should prioritize remediation to ensure their printing operations are secure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

HP ENVY 5000 All-in-One Printer series (M2U85A - M2U85B, M2U91A - M2U94B, Z4A54A - Z4A74A); HP DeskJet Ink Advantage 5000 All-in-One Printer series (M2U86A - M2U89B) Before 003.2008A

References

https://support.hp.com/us-en/document/c06594863

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 16, 2020
Vulnerability Reserved
Nov 12, 2019

JSON

HP

What is CVE-2019-18917?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.