CVE-2019-6332

CVSS V2 Low 3.5 CVSS V3 Medium 4.8
Description
A potential security vulnerability has been identified with certain HP InkJet printers. The vulnerability could be exploited to allow cross-site scripting (XSS). Affected products and versions include: HP DeskJet 2600 All-in-One Printer series model numbers 4UJ28B, V1N01A - V1N08A, Y5H60A - Y5H80A; HP DeskJet Ink Advantage 2600 All-in-One Printer series model numbers V1N02A - V1N02B, Y5Z00A - Y5Z04B; HP DeskJet Ink Advantage 5000 All-in-One Printer series model numbers M2U86A - M2U89B; HP DeskJet Ink Advantage 5200 All-in-One Printer series model numbers M2U76A - M2U78B; HP ENVY 5000 All-in-One Printer series model numbers M2U85A - M2U85B, M2U91A - M2U94B, Z4A54A - Z4A74A; HP ENVY Photo 6200 All-in-One Printer series model numbers K7G18A-K7G26B, K7S21B, Y0K13D - Y0K15A; HP ENVY Photo 7100 All-in-One Printer series model numbers 3XD89A, K7G93A-K7G99A, Z3M37A - Z3M52A; HP ENVY Photo 7800 All-in-One Printer series model numbers K7R96A, K7S00A - K7S10D, Y0G42D - Y0G52B; HP Ink Tank Wireless 410 series model numbers Z4B53A - Z4B55A, Z6Z95A - Z6Z99A, 4DX94A - 4DX95A, 4YF79A, Z7A01A; HP OfficeJet 5200 All-in-One Printer series model numbers M2U75A, M2U81A-M2U84B, Z4B12A - Z4B14A, Z4B27A - Z4B29A; HP Smart Tank Wireless 450 series model numbers Z4B56A, Z6Z96A - Z6Z98A.
Overview
  • CVE ID
  • CVE-2019-6332
  • Assigner
  • hp-security-alert@hp.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2020-01-09T19:15:10
  • Last Modified Date
  • 2020-01-21T20:58:36
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:hp:deskjet_2600_4uj28b_firmware:*:*:*:*:*:*:*:* 1 OR 1923
cpe:2.3:h:hp:deskjet_2600_4uj28b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:deskjet_2600_v1n01a_firmware:*:*:*:*:*:*:*:* 1 OR 1923
cpe:2.3:h:hp:deskjet_2600_v1n01a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:deskjet_2600_v1n08a_firmware:*:*:*:*:*:*:*:* 1 OR 1923
cpe:2.3:h:hp:deskjet_2600_v1n08a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:deskjet_2600_y5h60a_firmware:*:*:*:*:*:*:*:* 1 OR 1923
cpe:2.3:h:hp:deskjet_2600_y5h60a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:deskjet_2600_y5h80a_firmware:*:*:*:*:*:*:*:* 1 OR 1923
cpe:2.3:h:hp:deskjet_2600_y5h80a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:deskjet_ink_advantage_2600_v1n02a_firmware:*:*:*:*:*:*:*:* 1 OR 1923
cpe:2.3:h:hp:deskjet_ink_advantage_2600_v1n02a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:deskjet_ink_advantage_2600_v1n02b_firmware:*:*:*:*:*:*:*:* 1 OR 1923
cpe:2.3:h:hp:deskjet_ink_advantage_2600_v1n02b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:deskjet_ink_advantage_2600_y5z00a_firmware:*:*:*:*:*:*:*:* 1 OR 1923
cpe:2.3:h:hp:deskjet_ink_advantage_2600_y5z00a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:deskjet_ink_advantage_2600_y5z04b_firmware:*:*:*:*:*:*:*:* 1 OR 1923
cpe:2.3:h:hp:deskjet_ink_advantage_2600_y5z04b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:deskjet_ink_advantage_5000_m2u86a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:deskjet_ink_advantage_5000_m2u86a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:deskjet_ink_advantage_5000_m2u89b_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:deskjet_ink_advantage_5000_m2u89b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:deskjet_ink_advantage_5200_m2u76a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:deskjet_ink_advantage_5200_m2u76a_:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:deskjet_ink_advantage_5200_m2u78b_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:deskjet_ink_advantage_5200_m2u78b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_5000_m2u85a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_5000_m2u85a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_5000_m2u85b_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_5000_m2u85b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_5000_m2u91a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_5000_m2u91a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_5000_m2u94b_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_5000_m2u94b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_5000_z4a54a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_5000_z4a54a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_5000_z4a74a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_5000_z4a74a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_photo_6200_k7g18a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_photo_6200_k7g18a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_photo_6200_k7g26b_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_photo_6200_k7g26b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_photo_6200_k7s21b_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_photo_6200_k7s21b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_photo_6200_y0k13d__firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_photo_6200_y0k13d_:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_photo_6200_y0k15a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_photo_6200_y0k15a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_photo_7100_3xd89a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_photo_7100_3xd89a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_photo_7100_k7g93a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_photo_7100_k7g93a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_photo_7100_k7g99a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_photo_7100_k7g99a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_photo_7100_z3m37a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_photo_7100_z3m37a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_photo_7100_z3m52a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_photo_7100_z3m52a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_photo_7800_k7r96a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_photo_7800_k7r96a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_photo_7800_k7s00a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_photo_7800_k7s00a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_photo_7800_k7s10d_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_photo_7800_k7s10d:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_photo_7800_y0g42d_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_photo_7800_y0g42d:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:envy_photo_7800_y0g52b_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:envy_photo_7800_y0g52b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:ink_tank_wireless_410_z4b53a_firmware:*:*:*:*:*:*:*:* 1 OR 1924
cpe:2.3:h:hp:ink_tank_wireless_410_z4b53a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:ink_tank_wireless_410_z4b55a_firmware:*:*:*:*:*:*:*:* 1 OR 1924
cpe:2.3:h:hp:ink_tank_wireless_410_z4b55a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:ink_tank_wireless_410_z6z95a_firmware:*:*:*:*:*:*:*:* 1 OR 1924
cpe:2.3:h:hp:ink_tank_wireless_410_z6z95a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:ink_tank_wireless_410_z6z99a_firmware:*:*:*:*:*:*:*:* 1 OR 1924
cpe:2.3:h:hp:ink_tank_wireless_410_z6z99a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:ink_tank_wireless_410_4dx94a_firmware:*:*:*:*:*:*:*:* 1 OR 1924
cpe:2.3:h:hp:ink_tank_wireless_410_4dx94a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:ink_tank_wireless_410_4dx95a_firmware:*:*:*:*:*:*:*:* 1 OR 1924
cpe:2.3:h:hp:ink_tank_wireless_410_4dx95a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:ink_tank_wireless_410_4yf79a_firmware:*:*:*:*:*:*:*:* 1 OR 1924
cpe:2.3:h:hp:ink_tank_wireless_410_4yf79a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:ink_tank_wireless_410_z7a01a_firmware:*:*:*:*:*:*:*:* 1 OR 1924
cpe:2.3:h:hp:ink_tank_wireless_410_z7a01a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:officejet_5200_m2u75a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:officejet_5200_m2u75a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:officejet_5200_m2u81a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:officejet_5200_m2u81a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:officejet_5200_m2u84b_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:officejet_5200_m2u84b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:officejet_5200_z4b12a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:officejet_5200_z4b12a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:officejet_5200_z4b14a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:officejet_5200_z4b14a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:officejet_5200_z4b27a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:officejet_5200_z4b27a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:officejet_5200_z4b29a_firmware:*:*:*:*:*:*:*:* 1 OR 003.1925a
cpe:2.3:h:hp:officejet_5200_z4b29a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:smart_tank_wireless_450_z4b56a_firmware:*:*:*:*:*:*:*:* 1 OR 1924
cpe:2.3:h:hp:smart_tank_wireless_450_z4b56a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:smart_tank_wireless_450_z6z96a_firmware:*:*:*:*:*:*:*:* 1 OR 1924
cpe:2.3:h:hp:smart_tank_wireless_450_z6z96a:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:hp:smart_tank_wireless_450_z6z98a_firmware:*:*:*:*:*:*:*:* 1 OR 1924
cpe:2.3:h:hp:smart_tank_wireless_450_z6z98a:-:*:*:*:*:*:*:* 0 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:M/Au:S/C:N/I:P/A:N
  • Access Vector
  • NETWORK
  • Access Compatibility
  • MEDIUM
  • Authentication
  • SINGLE
  • Confidentiality Impact
  • NONE
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • NONE
  • Base Score
  • 3.5
  • Severity
  • LOW
  • Exploitability Score
  • 6.8
  • Impact Score
  • 2.9
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
  • Attack Vector
  • NETWORK
  • Attack Compatibility
  • LOW
  • Privileges Required
  • HIGH
  • User Interaction
  • REQUIRED
  • Scope
  • CHANGED
  • Confidentiality Impact
  • LOW
  • Availability Impact
  • NONE
  • Base Score
  • 4.8
  • Base Severity
  • MEDIUM
  • Exploitability Score
  • 1.7
  • Impact Score
  • 2.7
References
Reference URL Reference Tags
https://support.hp.com/in-en/document/c06428029 Vendor Advisory
History
Created Old Value New Value Data Type Notes
2022-05-10 16:52:52 Added to TrackCVE
2022-12-04 09:13:10 2020-01-09T19:15Z 2020-01-09T19:15:10 CVE Published Date updated
2022-12-04 09:13:10 2020-01-21T20:58:36 CVE Modified Date updated
2022-12-04 09:13:10 Analyzed Vulnerability Status updated