CVE-2016-2244

HP LaserJet printers and MFPs and OfficeJet Enterprise printers with firmware before 3.7.01 allow remote attackers to obtain sensitive information via unspecified vectors.

CVSS v3 5.9 MEDIUM
CVSS v2.0 5.0 MEDIUM

5.9^/10

CVSS v3 : MEDIUM

V3 Legend

Vector : AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.securitytracker.com/id/1035191
https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05030353	Vendor Advisory
https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05030353	Vendor Advisory
http://www.securitytracker.com/id/1035191
https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05030353	Vendor Advisory
https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05030353	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:h:hp:a2w75a:-:::::::*
	cpe:2.3:h:hp:a2w76a:-:::::::*
	cpe:2.3:h:hp:a2w77a:-:::::::*
	cpe:2.3:h:hp:a2w78a:-:::::::*
	cpe:2.3:h:hp:a2w79a:-:::::::*
	cpe:2.3:h:hp:b3g85a:-:::::::*
	cpe:2.3:h:hp:b5l04a:-:::::::*
	cpe:2.3:h:hp:b5l05a:-:::::::*
	cpe:2.3:h:hp:b5l07a:-:::::::*
	cpe:2.3:h:hp:c2s11a:-:::::::*
	cpe:2.3:h:hp:c2s12a:-:::::::*
	cpe:2.3:h:hp:ca251a:-:::::::*
	cpe:2.3:h:hp:cc522a:-:::::::*
	cpe:2.3:h:hp:cc523a:-:::::::*
	cpe:2.3:h:hp:cc524a:-:::::::*
	cpe:2.3:h:hp:cd644a:-:::::::*
	cpe:2.3:h:hp:cd645a:-:::::::*
	cpe:2.3:h:hp:cd646a:-:::::::*
	cpe:2.3:h:hp:ce989a:-:::::::*
	cpe:2.3:h:hp:ce990a:-:::::::*
	cpe:2.3:h:hp:ce991a:-:::::::*
	cpe:2.3:h:hp:ce992a:-:::::::*
	cpe:2.3:h:hp:ce993a:-:::::::*
	cpe:2.3:h:hp:ce994a:-:::::::*
	cpe:2.3:h:hp:ce995a:-:::::::*
	cpe:2.3:h:hp:ce996a:-:::::::*
	cpe:2.3:h:hp:cf066a:-:::::::*
	cpe:2.3:h:hp:cf067a:-:::::::*
	cpe:2.3:h:hp:cf068a:-:::::::*
	cpe:2.3:h:hp:cf069a:-:::::::*
	cpe:2.3:h:hp:cf081a:-:::::::*
	cpe:2.3:h:hp:cf082a:-:::::::*
	cpe:2.3:h:hp:cf083a:-:::::::*
	cpe:2.3:h:hp:cf116a:-:::::::*
	cpe:2.3:h:hp:cf117a:-:::::::*
	cpe:2.3:h:hp:cf118a:-:::::::*
	cpe:2.3:h:hp:cf235a:-:::::::*
	cpe:2.3:h:hp:cf236a:-:::::::*
	cpe:2.3:h:hp:cf238a:-:::::::*
	cpe:2.3:h:hp:cf367a:-:::::::*
	cpe:2.3:h:hp:cz244a:-:::::::*
	cpe:2.3:h:hp:cz245a:-:::::::*
	cpe:2.3:h:hp:cz249a:-:::::::*
	cpe:2.3:h:hp:cz250a:-:::::::*
	cpe:2.3:h:hp:cz255a:-:::::::*
	cpe:2.3:h:hp:cz256a:-:::::::*
	cpe:2.3:h:hp:cz257a:-:::::::*
	cpe:2.3:h:hp:cz258a:-:::::::*
	cpe:2.3:h:hp:d3l08a:-:::::::*
	cpe:2.3:h:hp:d3l09a:-:::::::*
	cpe:2.3:h:hp:d3l10a:-:::::::*
	cpe:2.3:h:hp:d7p70a:-:::::::*
	cpe:2.3:h:hp:d7p71a:-:::::::*
	cpe:2.3:h:hp:j7x28a:-:::::::*

cpe:2.3:o:hp:futuresmart_firmware:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:48

Type	Values Removed	Values Added
References	~~() http://www.securitytracker.com/id/1035191 -~~	() http://www.securitytracker.com/id/1035191 -
References	~~() https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05030353 - Vendor Advisory~~	() https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05030353 - Vendor Advisory

Information

Published : 2016-03-04 15:59

Updated : 2025-04-12 10:46

NVD link : CVE-2016-2244

Mitre link : CVE-2016-2244

CVE.ORG link : CVE-2016-2244

JSON object : View

Products Affected

cf235a
cc522a
cc524a
cf069a
cf238a
cz245a
b5l07a
d3l10a
ce989a
cd644a
cz249a
ce996a
ce993a
j7x28a
futuresmart_firmware
a2w75a
ce990a
cf117a
cf118a
d7p71a
ce995a
cz258a
d3l09a
cf082a
a2w77a
cc523a
c2s12a
a2w79a
c2s11a
cf116a
cz250a
a2w78a
ca251a
b5l04a
cf081a
ce991a
cf067a
cd645a
cf068a
cz257a
ce992a
cf236a
cz255a
cz244a
cf066a
d3l08a
ce994a
cf083a
cf367a
a2w76a
cz256a
cd646a
d7p70a
b5l05a
b3g85a

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2016-2244", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2016-03-04T15:59:01.500", "references": [{"url": "http://www.securitytracker.com/id/1035191", "source": "hp-security-alert@hp.com"}, {"url": "https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05030353", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05030353", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "http://www.securitytracker.com/id/1035191", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05030353", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05030353", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "HP LaserJet printers and MFPs and OfficeJet Enterprise printers with firmware before 3.7.01 allow remote attackers to obtain sensitive information via unspecified vectors."}, {"lang": "es", "value": "Impresoras HP LaserJet e impresoras MFPs OfficeJet Enterprise con firmware anterior a 3.7.01 permiten a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:a2w75a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B21E6919-1D0C-44DA-AFF5-77486213E98A"}, {"criteria": "cpe:2.3:h:hp:a2w76a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "42266438-FCAA-4626-A5E6-EA675BC6CED7"}, {"criteria": "cpe:2.3:h:hp:a2w77a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "02BA1E17-7260-4BE9-A8D0-FF62A47EA988"}, {"criteria": "cpe:2.3:h:hp:a2w78a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A7A66E28-F591-4105-8F5C-658047CB28AA"}, {"criteria": "cpe:2.3:h:hp:a2w79a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A56760E-BDBF-455D-892B-27B3A309E53D"}, {"criteria": "cpe:2.3:h:hp:b3g85a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D480FED5-85AA-4D6A-805B-995A6BCE70C0"}, {"criteria": "cpe:2.3:h:hp:b5l04a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4BDB3A97-FB33-4723-BE10-B08D604DCB8F"}, {"criteria": "cpe:2.3:h:hp:b5l05a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8C6655F2-5E0E-45DF-A331-CACED3A39EB1"}, {"criteria": "cpe:2.3:h:hp:b5l07a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5E9A2E2C-422A-4D51-A6C0-F2253F7BE5C2"}, {"criteria": "cpe:2.3:h:hp:c2s11a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "50D1D946-FA61-43D6-867C-B1FA207F2532"}, {"criteria": "cpe:2.3:h:hp:c2s12a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "333BE27C-8E3B-494D-A630-CBF0EC7078BD"}, {"criteria": "cpe:2.3:h:hp:ca251a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D6C2BCB4-ED2B-4716-B61D-1F16B166D0B7"}, {"criteria": "cpe:2.3:h:hp:cc522a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D3C1ADE6-B1A1-4A47-9D1E-C99BB70D389D"}, {"criteria": "cpe:2.3:h:hp:cc523a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A03F6C70-DCF2-437A-B4C5-1D0110FB79EE"}, {"criteria": "cpe:2.3:h:hp:cc524a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A7D48163-079E-4928-A090-7E0A30FB6B4C"}, {"criteria": "cpe:2.3:h:hp:cd644a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4F9F0833-1CFB-4425-9C66-ACA8680545B4"}, {"criteria": "cpe:2.3:h:hp:cd645a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DD382BD5-E902-47C0-B9E5-3F08D04EEFAC"}, {"criteria": "cpe:2.3:h:hp:cd646a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "41A1C170-BC7D-49EC-B1EF-D56D4469590E"}, {"criteria": "cpe:2.3:h:hp:ce989a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "39A54EDB-CC34-4BC4-A20A-0EA30FC798DC"}, {"criteria": "cpe:2.3:h:hp:ce990a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7DD99E74-A75F-44B8-86F3-22850CEBEA9A"}, {"criteria": "cpe:2.3:h:hp:ce991a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E8412130-F79B-45BF-A8CF-9F24FF5F777A"}, {"criteria": "cpe:2.3:h:hp:ce992a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2765F303-BA92-4BE1-A672-62CAF0ECC201"}, {"criteria": "cpe:2.3:h:hp:ce993a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "69C58820-E294-4BE6-9565-78B0EAEE0CF6"}, {"criteria": "cpe:2.3:h:hp:ce994a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BDFB2F91-FCAA-4A92-A7DC-9637C901FB53"}, {"criteria": "cpe:2.3:h:hp:ce995a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1C6798D2-FD42-44F9-A45D-AA49228F672B"}, {"criteria": "cpe:2.3:h:hp:ce996a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8F40E086-FFDE-4E4E-9DB0-F537F7CEB6E0"}, {"criteria": "cpe:2.3:h:hp:cf066a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E7284308-1FC8-474E-8DE0-AB358B6D0ED7"}, {"criteria": "cpe:2.3:h:hp:cf067a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4E3D1195-AF78-4B87-BB61-AD551E8DCD1D"}, {"criteria": "cpe:2.3:h:hp:cf068a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E2DB7025-7AD5-4C4F-B6BA-7EA1874D2B5B"}, {"criteria": "cpe:2.3:h:hp:cf069a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8711CE56-C7CD-4C92-B18B-4AE9CDD11BAD"}, {"criteria": "cpe:2.3:h:hp:cf081a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DFF19F65-3CD4-46C3-9AFD-1C5EA0942B7C"}, {"criteria": "cpe:2.3:h:hp:cf082a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "64646EAE-4CFF-4184-BA59-DCD59C18C217"}, {"criteria": "cpe:2.3:h:hp:cf083a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5FBCD353-9942-4B5C-BEAB-BF818B22962C"}, {"criteria": "cpe:2.3:h:hp:cf116a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0EBA452B-6812-48FA-8DEE-AA72F6FFCCE5"}, {"criteria": "cpe:2.3:h:hp:cf117a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DCA39F69-75F0-4574-A8B9-435AE52890D0"}, {"criteria": "cpe:2.3:h:hp:cf118a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3AA28619-6BDC-4167-8DEA-67FF748D2453"}, {"criteria": "cpe:2.3:h:hp:cf235a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6BCEAD56-073F-423B-B1AA-7DE21DFC1DA7"}, {"criteria": "cpe:2.3:h:hp:cf236a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A4D83788-6F36-4826-BA2C-1FFDB83192A5"}, {"criteria": "cpe:2.3:h:hp:cf238a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "99EC7506-7169-4B99-BAD5-91E3150B8EB1"}, {"criteria": "cpe:2.3:h:hp:cf367a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "915BCAF3-F2C4-46F9-80EF-08C49E3C19CD"}, {"criteria": "cpe:2.3:h:hp:cz244a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9491218A-2F33-4FE4-993E-D72769CFC469"}, {"criteria": "cpe:2.3:h:hp:cz245a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "308131FB-9BF5-46B9-B049-EB277E53794A"}, {"criteria": "cpe:2.3:h:hp:cz249a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "66EA5150-015F-4D53-85D7-C81944149BD3"}, {"criteria": "cpe:2.3:h:hp:cz250a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A1558200-C015-4972-9CF2-13CC73C6949C"}, {"criteria": "cpe:2.3:h:hp:cz255a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0D0A2497-71D3-41B3-8605-E8D1571EB422"}, {"criteria": "cpe:2.3:h:hp:cz256a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5C139B39-BC0A-494B-A397-100BAE4496EA"}, {"criteria": "cpe:2.3:h:hp:cz257a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0A9F4435-E0B8-4469-A9CF-E285B788BBC8"}, {"criteria": "cpe:2.3:h:hp:cz258a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "87EC177C-8515-431F-88D3-F396EA41AD14"}, {"criteria": "cpe:2.3:h:hp:d3l08a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8A251D48-87A8-48FC-AF78-C0B777544F3F"}, {"criteria": "cpe:2.3:h:hp:d3l09a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6821F1D6-64E5-4455-BC1E-5D44DDBF7B0E"}, {"criteria": "cpe:2.3:h:hp:d3l10a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8D50185D-D324-4396-975D-1F2ED909F1A6"}, {"criteria": "cpe:2.3:h:hp:d7p70a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4B03873D-9DF5-43E3-AB2B-8161CB111509"}, {"criteria": "cpe:2.3:h:hp:d7p71a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "08CF9EF0-4DA6-41B6-B3FD-B56C7A28918A"}, {"criteria": "cpe:2.3:h:hp:j7x28a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DF983EC0-D722-406D-90A9-A012056C7520"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:futuresmart_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DA2EC65-9693-49FD-8F48-35E90DDB81FE", "versionEndIncluding": "3.7"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "hp-security-alert@hp.com"}

5.9 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2016-2244

5.9^/10

5.0^/10

Attach tags to `CVE-2016-2244`