Cross-Site Request Forgery Vulnerability in HP DeskJet All-in-One Printers
CVE-2019-6320

8.1HIGH

Key Information:

Vendor: HP
Status: HP Deskjet 3630 All-in-one Printer Series
Vendor: CVE Published:; 9 January 2020

Summary

Certain models of HP DeskJet 3630 All-in-One Printers are susceptible to a Cross-Site Request Forgery (CSRF) vulnerability. This security issue may enable attackers to exploit the printer's functionality, potentially leading to service interruptions or misconfigurations. It is important for users to be aware of the affected firmware versions (SWP1FN1912BR or higher) to maintain the security and integrity of their devices.

Affected Version(s)

HP DeskJet 3630 All-in-One Printer series F5S43A - F5S57A

HP DeskJet 3630 All-in-One Printer series K4T93A - K4T99C

HP DeskJet 3630 All-in-One Printer series K4U00B - K4U03B

References

https://support.hp.com/us-en/document/c06308143

x_refsource_CONFIRM

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 9, 2020
Vulnerability Reserved
Jan 15, 2019