CVE-2004-2439

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2004-2439
The remote upgrade capability in HP LaserJet 4200 and 4300 printers does not require a password, which allows remote attackers to upgrade firmware.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=PSD_HPSBPI01085 Vendor Advisory
http://securitytracker.com/id?1011671 Vendor Advisory
http://www.securityfocus.com/bid/11297
https://exchange.xforce.ibmcloud.com/vulnerabilities/17634
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=PSD_HPSBPI01085 Vendor Advisory
http://securitytracker.com/id?1011671 Vendor Advisory
http://www.securityfocus.com/bid/11297
https://exchange.xforce.ibmcloud.com/vulnerabilities/17634
Configurations

Configuration 1 (hide)

OR cpe:2.3:h:hp:color_laserjet:4650:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet:5500:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet:5550:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet_4600:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_2500:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_3000:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_3700:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_4100_mfp:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_4200:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_4300:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_9000:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_9000_mfp:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_9040_mpf:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_9050:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_9050_mpf:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_9055:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_9065:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_9500:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_9500_mpf:*:*:*:*:*:*:*:*
History

No history.

Information

Published : 2004-12-31 05:00

Updated : 2025-04-03 01:03

NVD link : CVE-2004-2439

Mitre link : CVE-2004-2439

CVE.ORG link : CVE-2004-2439

JSON object : View

Products Affected

hp

  • laserjet_9500_mpf
  • color_laserjet
  • laserjet_4200
  • laserjet_4100_mfp
  • laserjet_9065
  • laserjet_3700
  • laserjet_3000
  • laserjet_9050_mpf
  • color_laserjet_4600
  • laserjet_4300
  • laserjet_9040_mpf
  • laserjet_2500
  • laserjet_9000
  • laserjet_9055
  • laserjet_9050
  • laserjet_9000_mfp
  • laserjet_9500
CWE
NVD-CWE-Other