製品・ソフトウェアに関する情報

JVN脆弱性詳細

複数の HP LaserJet Pro のファームウェアにおけるデータを変更される脆弱性

Title	複数の HP LaserJet Pro のファームウェアにおけるデータを変更される脆弱性
Summary	複数の HP LaserJet Pro のファームウェアには、データを変更される脆弱性が存在します。
Possible impacts	第三者により、データを変更される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	July 31, 2013, midnight
Registration Date	Aug. 6, 2013, 5:43 p.m.
Last Update	Aug. 6, 2013, 5:43 p.m.

CVSS2.0 : 危険
Score	7.8
Vector	AV:N/AC:L/Au:N/C:N/I:C/A:N

Affected System

ヒューレット・パッカード

HP HotSpot LaserJet Pro M1218nfs MFP B4K88A

HP HotSpot LaserJet Pro M1218nfs MFP ファームウェア 2013-07-26 20130703 未満

HP LaserJet Pro CP1025nw Color Printer CE914A

HP LaserJet Pro CP1025nw Color Printer CE918A

HP LaserJet Pro CP1025nw Color Printer ファームウェア 2013-07-26 20130703 未満

HP LaserJet Pro M1212nf Multifunction Printer CE841A

HP LaserJet Pro M1212nf Multifunction Printer ファームウェア 2013-07-26 20130703 未満

HP LaserJet Pro M1213nf Multifunction Printer CE845A

HP LaserJet Pro M1213nf Multifunction Printer ファームウェア 2013-07-26 20130703 未満

HP LaserJet Pro M1214nfh Multifunction Printer CE842A

HP LaserJet Pro M1214nfh Multifunction Printer ファームウェア 2013-07-26 20130703 未満

HP LaserJet Pro M1216nfh Multifunction Printer CE843A

HP LaserJet Pro M1216nfh Multifunction Printer ファームウェア 2013-07-26 20130703 未満

HP LaserJet Pro M1217nfw Multifunction Printer CE844A

HP LaserJet Pro M1217nfw Multifunction Printer ファームウェア 2013-07-26 20130703 未満

HP LaserJet Pro P1102w Printer CE657A

HP LaserJet Pro P1102w Printer CE658A

HP LaserJet Pro P1102w Printer ファームウェア 2013-07-26 20130703 未満

HP LaserJet Pro P1606dn Printer CE749A

HP LaserJet Pro P1606dn Printer ファームウェア 2013-07-26 20130703 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2013-4807	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4807
National Vulnerability Database (NVD)
2	CVE-2013-4807	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4807

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-noinfo	https://www.ipa.go.jp/security/vuln/CWE.html#CWEnoinfo

ベンダー情報

No	Name	URL
HP Security Bulletin
1	HPSBPI02887 SSRT101181	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c03825817

Change Log

No	Changed Details	Date of change
0	[2013年08月06日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2013-4807

Summary	Unspecified vulnerability on the HP LaserJet Pro P1102w, P1606dn, M1212nf MFP, M1213nf MFP, M1214nfh MFP, M1216nfh MFP, M1217nfw MFP, M1218nfs MFP, and CP1025nw with firmware before 2013-07-26 20130703 allows remote attackers to modify data via unknown vectors.
Publication Date	Aug. 5, 2013, 10:22 p.m.
Registration Date	Jan. 26, 2021, 3:44 p.m.
Last Update	Nov. 21, 2024, 10:56 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:h:hp:laserjet_pro_cp1025nw_firmware:20130703:::::::*
execution environment
1	cpe:2.3:h:hp:laserjet_pro_cp1025nw:ce914a:::::::*
2	cpe:2.3:h:hp:laserjet_pro_cp1025nw:ce918a:::::::*

Configuration2		or higher	or less	more than	less than
cpe:2.3:h:hp:laserjet_pro_m1214nfh_mfp_firmware:20130703:::::::*
execution environment
1	cpe:2.3:h:hp:laserjet_pro_m1214nfh_mfp:ce842a:::::::*

Configuration3		or higher	or less	more than	less than
cpe:2.3:h:hp:laserjet_pro_p1606dn_firmware:20130212:::::::*
execution environment
1	cpe:2.3:h:hp:laserjet_pro_p1606dn:ce749a:::::::*

Configuration4		or higher	or less	more than	less than
cpe:2.3:h:hp:laserjet_pro_m1216nfh_multifunction_printer_firmware:20130703:::::::*
execution environment
1	cpe:2.3:h:hp:laserjet_pro_m1216nfh_multifunction_printer:ce843a:::::::*

Configuration5		or higher	or less	more than	less than
cpe:2.3:h:hp:laserjet_pro_m1213nf_mfp_firmware:20130703:::::::*
execution environment
1	cpe:2.3:h:hp:laserjet_pro_m1213nf_mfp:ce845a:::::::*

Configuration6		or higher	or less	more than	less than
cpe:2.3:h:hp:laserjet_pro_m1212nf_mfp_firmware:20130703:::::::*
execution environment
1	cpe:2.3:h:hp:laserjet_pro_m1212nf_mfp:ce841a:::::::*

Configuration7		or higher	or less	more than	less than
cpe:2.3:h:hp:laserjet_pro_m1217nfw_multifunction_printer_firmware:20130703:::::::*
execution environment
1	cpe:2.3:h:hp:laserjet_pro_m1217nfw_multifunction_printer:ce844a:::::::*

Configuration8		or higher	or less	more than	less than
cpe:2.3:h:hp:laserjet_pro_p1102w_firmware:20130703:::::::*
execution environment
1	cpe:2.3:h:hp:laserjet_pro_p1102w:ce657a:::::::*
2	cpe:2.3:h:hp:laserjet_pro_p1102w:ce658a:::::::*

Configuration9		or higher	or less	more than	less than
cpe:2.3:h:hp:hotspot_laserjet_pro_m1218nfs_mfp_firmware:20130703:::::::*
execution environment
1	cpe:2.3:h:hp:hotspot_laserjet_pro_m1218nfs_mfp:b4k88a:::::::*

Related information, measures and tools

No	URL	タグ
1	http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03825817	Vendor Advisory
2	http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03825817	Vendor Advisory
3	http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03825817	Vendor Advisory
4	http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03825817	Vendor Advisory
5	http://osvdb.org/95907
6	http://osvdb.org/95907
7	http://www.securityfocus.com/bid/61565
8	http://www.securityfocus.com/bid/61565
9	http://www.securitytracker.com/id/1028869
10	http://www.securitytracker.com/id/1028869
11	https://exchange.xforce.ibmcloud.com/vulnerabilities/86178
12	https://exchange.xforce.ibmcloud.com/vulnerabilities/86178

Common Vulnerabilities List