CVE-2011-4161

{"id": "CVE-2011-4161", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-12-01T21:55:00.707", "references": [{"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03102449", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "http://isc.sans.org/diary/Hacking+HP+Printers+for+Fun+and+Profit/12112", "source": "hp-security-alert@hp.com"}, {"url": "http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say", "source": "hp-security-alert@hp.com"}, {"url": "http://secunia.com/advisories/47063", "source": "hp-security-alert@hp.com"}, {"url": "http://www.kb.cert.org/vuls/id/717921", "tags": ["US Government Resource"], "source": "hp-security-alert@hp.com"}, {"url": "http://www.securityfocus.com/bid/51324", "source": "hp-security-alert@hp.com"}, {"url": "http://www.securitytracker.com/id?1026357", "source": "hp-security-alert@hp.com"}, {"url": "https://lists.immunityinc.com/pipermail/dailydave/2011-November/000378.html", "source": "hp-security-alert@hp.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update."}, {"lang": "es", "value": "La configuraci\u00f3n por defecto de la impresora HP CM8060 Color MFP con Edgeline, y las impresoras HP Color 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx y Enterprise CPxxxx; las Digital Sender 9200c y 9250c; LaserJet 4xxx, 5200, 90XX, Mxxxx y Pxxxx y LaserJet Enterprise 500 color M551, 600, M4555 MFP, y P3015 permite la actualizaci\u00f3n remota del firmware (RFU), lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante la apertura de una sesi\u00f3n en el puerto TCP 9100 para subir una actualizaci\u00f3n de firmware dise\u00f1ada por el atacante."}], "lastModified": "2012-09-18T03:28:13.693", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:color_laserjet_3000:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D7A20B7-2150-451C-A552-B1C6AE738B84"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_3800:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBE90FAC-3E5E-482B-B948-2C973E0861AA"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_4700:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "627B437F-2941-4689-A3D0-E0037D9CB053"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_4730:mfp:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E6F162B-7175-452D-8D50-AC0FB87FBBAE"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_4730_mfp:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12F0604C-781B-4E69-A88E-C25492CB163C"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_5550:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1218222B-AC9B-430D-8948-D72F72293B38"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_9500:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C77E2D0-34F7-4940-AC33-47E405006890"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cm3530:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE23783E-399C-431E-802D-68D496913A44"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cm4540:mfp:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0221E32-2EA3-4652-AFEB-0F55B9D6F7BF"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cm4730:mfp:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFF6E37F-35A2-4EDD-B978-18BC51E1AFED"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cm6030:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29A8A052-C159-4257-85A7-9B7EC678AAE9"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cm6040:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B84958A-FB55-44B7-9109-B35DFDDC3DC2"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cp3505:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B67E71C7-6B28-4326-AFC9-8CA09532C286"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cp3525:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7858A3E0-837A-4A10-9D70-99B751EEF279"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cp4005:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFD2C1D0-86E9-425D-AA7D-0F8413A13166"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cp5525:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DAA6A25-CF6E-44FF-98EB-80CEFFB2EA01"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cp6015:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5994179E-E492-45D8-95F8-790160D9A0BF"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_enterprise_cp4520:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "276340C4-D4DB-4260-B424-769AB9E0CB7F"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_enterprise_cp4525:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8652F3C8-D34A-4AE4-B2F0-31D636116F75"}, {"criteria": "cpe:2.3:h:hp:color_mfp_cm8060:-:-:edgeline:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8D50F7A-2290-49A1-AB7B-F1FCD5035599"}, {"criteria": "cpe:2.3:h:hp:digital_sender_9200c:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E0408E2-B242-4697-B784-2B4B6C1EE828"}, {"criteria": "cpe:2.3:h:hp:digital_sender_9250c:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1ABAE0CD-0994-4D4D-9D9D-A50898C8C1DC"}, {"criteria": "cpe:2.3:h:hp:laserjet_4240:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23DD9E6F-1F64-4643-B8E5-B3CAB5F961B4"}, {"criteria": "cpe:2.3:h:hp:laserjet_4250:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F315232A-2DBB-4BE6-AB1E-0CCB327E19E8"}, {"criteria": "cpe:2.3:h:hp:laserjet_4345_mfp:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9ADF801E-6D02-4CDF-AA6F-9F272D341E1C"}, {"criteria": "cpe:2.3:h:hp:laserjet_4350:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "850BE715-BC0F-4873-9A72-6AED6259FF22"}, {"criteria": "cpe:2.3:h:hp:laserjet_5200:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "977F2612-D1DE-4EAD-99ED-CF6FFD1D5B2D"}, {"criteria": "cpe:2.3:h:hp:laserjet_9040:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2D74F55-65F6-4328-B553-2756A75B777E"}, {"criteria": "cpe:2.3:h:hp:laserjet_9050:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F1FEDCF-C604-49B3-B748-03BE3193792E"}, {"criteria": "cpe:2.3:h:hp:laserjet_enterprise_500_color:m551:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDDB4B85-F5CD-45DC-A5ED-C4C9F4E6FF4A"}, {"criteria": "cpe:2.3:h:hp:laserjet_enterprise_600:m601:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C4AF24A-E25B-4A2F-B7B7-67E15AAF9B30"}, {"criteria": "cpe:2.3:h:hp:laserjet_enterprise_600:m602:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "305480EC-1C47-4B8A-8568-7CE4C617A319"}, {"criteria": "cpe:2.3:h:hp:laserjet_enterprise_600:m603:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FFE81AF-91B0-40AE-9CF9-3820751AA9D0"}, {"criteria": "cpe:2.3:h:hp:laserjet_enterprise_m4555:mfp:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1EB666B7-0A2E-4256-BBD0-817617F01425"}, {"criteria": "cpe:2.3:h:hp:laserjet_enterprise_p3015:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECEABADC-F719-48BF-9C28-92E09A506681"}, {"criteria": "cpe:2.3:h:hp:laserjet_m3035:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B2A2D06-9C06-4001-B3ED-85C28846C8A9"}, {"criteria": "cpe:2.3:h:hp:laserjet_m5035:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7FD4993-FD92-4D35-AD8D-099B76436CEE"}, {"criteria": "cpe:2.3:h:hp:laserjet_m9040:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "029D54F1-1849-45AB-9DD4-7768197516B2"}, {"criteria": "cpe:2.3:h:hp:laserjet_m9050:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45B98C71-FF30-44D9-904E-61676C4313F9"}, {"criteria": "cpe:2.3:h:hp:laserjet_p3005:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BED71C7-C0A7-4934-9930-1EC7C5A96584"}, {"criteria": "cpe:2.3:h:hp:laserjet_p4014:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "222D062D-1F47-4E21-9173-A5AFEEF66482"}, {"criteria": "cpe:2.3:h:hp:laserjet_p4015:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CFBC095-00B6-48D7-AC0A-C172DD3A550B"}, {"criteria": "cpe:2.3:h:hp:laserjet_p4515:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A71AB74-7F6B-4B0F-8C52-F12187A6788A"}], "operator": "OR"}]}], "sourceIdentifier": "hp-security-alert@hp.com"}