CVE-2023-4694

Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when sending a SOAP message to the service on TCP port 3911 that contains a body but no header.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.hp.com/us-en/document/ish_9823639-9823677-16/hpsbpi03894	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:hp:officejet_pro_8730_d9l19a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:officejet_pro_8730_d9l19a:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:hp:officejet_pro_8730_m9l74a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:officejet_pro_8730_m9l74a:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:hp:officejet_pro_8730_m9l75a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:officejet_pro_8730_m9l75a:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:hp:officejet_pro_8730_m9l76a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:officejet_pro_8730_m9l76a:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:hp:officejet_pro_8730_j7a28a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:officejet_pro_8730_j7a28a:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:hp:officejet_pro_8730_j7a31a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:officejet_pro_8730_j7a31a:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:hp:officejet_pro_8730_k7s34a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:officejet_pro_8730_k7s34a:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:hp:officejet_pro_8730_k7s35a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:officejet_pro_8730_k7s35a:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:hp:officejet_pro_8730_m9l80a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:officejet_pro_8730_m9l80a:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:hp:officejet_pro_8730_j7a29a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:officejet_pro_8730_j7a29a:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:hp:officejet_pro_8730_k7s36a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:officejet_pro_8730_k7s36a:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:hp:officejet_pro_8730_t0g54a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:officejet_pro_8730_t0g54a:-:*:*:*:*:*:*:*

History

18 Dec 2023, 19:03

Type	Values Removed	Values Added
Summary		(es) Ciertas impresoras HP OfficeJet Pro son potencialmente vulnerables a una denegación de servicio cuando envían un mensaje SOAP al servicio en el puerto TCP 3911 que contiene un cuerpo pero no un encabezado.
First Time		Hp officejet Pro 8730 K7s34a Firmware Hp officejet Pro 8730 M9l80a Firmware Hp officejet Pro 8730 J7a28a Firmware Hp officejet Pro 8730 T0g54a Hp officejet Pro 8730 M9l76a Hp officejet Pro 8730 K7s36a Hp officejet Pro 8730 J7a29a Hp officejet Pro 8730 M9l74a Firmware Hp officejet Pro 8730 K7s36a Firmware Hp officejet Pro 8730 D9l19a Firmware Hp officejet Pro 8730 D9l19a Hp officejet Pro 8730 J7a31a Hp officejet Pro 8730 M9l75a Firmware Hp officejet Pro 8730 M9l80a Hp officejet Pro 8730 T0g54a Firmware Hp officejet Pro 8730 M9l76a Firmware Hp Hp officejet Pro 8730 M9l75a Hp officejet Pro 8730 K7s35a Hp officejet Pro 8730 K7s35a Firmware Hp officejet Pro 8730 J7a28a Hp officejet Pro 8730 K7s34a Hp officejet Pro 8730 J7a29a Firmware Hp officejet Pro 8730 J7a31a Firmware Hp officejet Pro 8730 M9l74a
CPE		cpe:2.3:h:hp:officejet_pro_8730_m9l76a:-:::::::* cpe:2.3:o:hp:officejet_pro_8730_k7s35a_firmware:::::::: cpe:2.3:h:hp:officejet_pro_8730_j7a28a:-:::::::* cpe:2.3:h:hp:officejet_pro_8730_d9l19a:-:::::::* cpe:2.3:h:hp:officejet_pro_8730_m9l74a:-:::::::* cpe:2.3:h:hp:officejet_pro_8730_k7s36a:-:::::::* cpe:2.3:o:hp:officejet_pro_8730_m9l74a_firmware:::::::: cpe:2.3:o:hp:officejet_pro_8730_k7s36a_firmware:::::::: cpe:2.3:o:hp:officejet_pro_8730_m9l75a_firmware:::::::: cpe:2.3:o:hp:officejet_pro_8730_m9l76a_firmware:::::::: cpe:2.3:h:hp:officejet_pro_8730_t0g54a:-:::::::* cpe:2.3:o:hp:officejet_pro_8730_j7a29a_firmware:::::::: cpe:2.3:o:hp:officejet_pro_8730_j7a28a_firmware:::::::: cpe:2.3:o:hp:officejet_pro_8730_m9l80a_firmware:::::::: cpe:2.3:o:hp:officejet_pro_8730_k7s34a_firmware:::::::: cpe:2.3:o:hp:officejet_pro_8730_d9l19a_firmware:::::::: cpe:2.3:o:hp:officejet_pro_8730_j7a31a_firmware:::::::: cpe:2.3:h:hp:officejet_pro_8730_k7s35a:-:::::::* cpe:2.3:h:hp:officejet_pro_8730_k7s34a:-:::::::* cpe:2.3:h:hp:officejet_pro_8730_j7a29a:-:::::::* cpe:2.3:h:hp:officejet_pro_8730_m9l80a:-:::::::* cpe:2.3:h:hp:officejet_pro_8730_m9l75a:-:::::::* cpe:2.3:h:hp:officejet_pro_8730_j7a31a:-:::::::* cpe:2.3:o:hp:officejet_pro_8730_t0g54a_firmware::::::::
References	~~() https://support.hp.com/us-en/document/ish_9823639-9823677-16/hpsbpi03894 -~~	() https://support.hp.com/us-en/document/ish_9823639-9823677-16/hpsbpi03894 - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
CWE		NVD-CWE-noinfo

14 Dec 2023, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-12-14 19:15

Updated : 2023-12-18 19:03

NVD link : CVE-2023-4694

Mitre link : CVE-2023-4694

CVE.ORG link : CVE-2023-4694

JSON object : View

Products Affected

officejet_pro_8730_m9l75a_firmware
officejet_pro_8730_k7s35a
officejet_pro_8730_m9l80a_firmware
officejet_pro_8730_d9l19a
officejet_pro_8730_j7a31a_firmware
officejet_pro_8730_k7s36a_firmware
officejet_pro_8730_m9l75a
officejet_pro_8730_k7s34a
officejet_pro_8730_m9l76a
officejet_pro_8730_t0g54a
officejet_pro_8730_t0g54a_firmware
officejet_pro_8730_j7a29a
officejet_pro_8730_j7a28a_firmware
officejet_pro_8730_j7a31a
officejet_pro_8730_k7s35a_firmware
officejet_pro_8730_k7s34a_firmware
officejet_pro_8730_m9l74a_firmware
officejet_pro_8730_m9l76a_firmware
officejet_pro_8730_m9l80a
officejet_pro_8730_j7a28a
officejet_pro_8730_k7s36a
officejet_pro_8730_d9l19a_firmware
officejet_pro_8730_m9l74a
officejet_pro_8730_j7a29a_firmware

CWE

NVD-CWE-noinfo

7.5 /10