Certain HP Enterprise LaserJet, LaserJet Managed printers - Potential denial of service, potential Cross Site Scripting (XSS)
CVE-2023-5113

6.1MEDIUM

Key Information:

Vendor: HP
Status: Certain HP Enterprise Laserjet, Laserjet Managed Printers
Vendor: CVE Published:; 4 October 2023

Summary

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI.

Affected Version(s)

Certain HP Enterprise LaserJet, LaserJet Managed printers See HP Security Bulletin reference for affected versions.

References

https://support.hp.com/us-en/document/ish_9365285-9365309-16

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Oct 4, 2023
Vulnerability Reserved
Sep 21, 2023