Information Disclosure in HP Enterprise LaserJet Printers with FutureSmart 5.6
CVE-2023-1707

7.5HIGH

Key Information:

Vendor: HP
Status: HP Enterprise Laserjet And HP Laserjet Managed Printers
Vendor: CVE Published:; 13 June 2023

What is CVE-2023-1707?

Certain models of HP Enterprise LaserJet and HP LaserJet Managed Printers are susceptible to information disclosure risks when IPsec is configured. This vulnerability occurs under FutureSmart version 5.6, placing sensitive data at risk of unauthorized access. Organizations utilizing these printers should assess their configurations and implement necessary updates to safeguard against potential data exposure.

Affected Version(s)

HP Enterprise LaserJet and HP LaserJet Managed Printers See HP Security Bulletin reference for affected versions.

References

https://support.hp.com/us-en/document/ish_7905330-7905358...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 13, 2023
Vulnerability Reserved
Mar 29, 2023

JSON