{"id": "CVE-2019-6320", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2020-01-09T19:15:10.497", "references": [{"url": "https://support.hp.com/us-en/document/c06308143", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "https://support.hp.com/us-en/document/c06308143", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "Certain HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration."}, {"lang": "es", "value": "Determinadas HP DeskJet 3630 All-in-One Printers modelos F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B y V3F21A - V3F22A (versi\u00f3n de firmware SWP1FN1912BR o superior), presentan una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) que podr\u00eda conllevar a una denegaci\u00f3n de servicio (DOS) o a una configuraci\u00f3n inapropiada del dispositivo."}], "lastModified": "2024-11-21T04:46:24.227", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:deskjet_3630_f5s43a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFBD372D-FCE4-447F-9653-465B0C117365", "versionEndExcluding": "swp1fn1912br"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:deskjet_3630_f5s43a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "09AAAEF3-3CF8-4F36-BABE-B56131229FFD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:deskjet_3630_f5s57a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C6168C9-D5E5-4F24-A14B-11B80B2622BC", "versionEndExcluding": "swp1fn1912br"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:deskjet_3630_f5s57a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "93D9144A-FF96-47D6-ACB2-582A4116AC05"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:deskjet_3630_k4t93a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EDFBAAC-B829-4C8F-A2AC-494661FA490C", "versionEndExcluding": "swp1fn1912br"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:deskjet_3630_k4t93a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AE9892A4-E8B1-44A9-BAD2-BC5CE98945DD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:deskjet_3630_k4t99c_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13F7E920-0440-479C-9FF4-4227EAD89BA2", "versionEndExcluding": "swp1fn1912br"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:deskjet_3630_k4t99c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4CAC11A2-4040-4CCE-BFD3-D41335F76288"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:deskjet_3630_k4u00b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D13D5B4B-48AA-4DDA-93BD-DFCAB470669C", "versionEndExcluding": "swp1fn1912br"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:deskjet_3630_k4u00b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DD6AFF7E-95A6-427E-B34F-BC2C5431732B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:deskjet_3630_k4u03b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D42966CC-8380-4629-8844-634FD4D7A538", "versionEndExcluding": "swp1fn1912br"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:deskjet_3630_k4u03b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "630AE831-E298-49D9-BACB-840D0DF7D292"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:deskjet_3630_v3f21a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9C504B5-4B1B-4AF9-97D7-552F68886BC5", "versionEndExcluding": "swp1fn1912br"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:deskjet_3630_v3f21a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "57874890-AB5F-4263-A7B4-F9DC85C62338"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:deskjet_3630_v3f22a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADBD9412-3EBC-4909-AC29-6345B6484D51", "versionEndExcluding": "swp1fn1912br"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:deskjet_3630_v3f22a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "58D02BB0-D15D-471E-9017-D51C08E7CB92"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "hp-security-alert@hp.com"}
