CVE-2017-2750
Current Description
Insufficient Solution DLL Signature Validation allows potential execution of arbitrary code in HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP OfficeJet Enterprise printers before 2308937_578479, 2405087_018548, and other firmware versions.
Basic Data
Published | January 23, 2018 |
Last Modified | February 21, 2018 |
Assigner | cve@mitre.org |
Data Type | CVE |
Data Format | MITRE |
Data Version | 4.0 |
Problem Type | CWE-20 |
CVE Data Version | 4.0 |
Base Metric V2
CVSS 2 - Version | 2.0 |
CVSS 2 - Vector String | AV:N/AC:L/Au:N/C:P/I:P/A:P |
CVSS 2 - Access Vector | NETWORK |
CVSS 2 - Access Complexity | LOW |
CVSS 2 - Authentication | NONE |
CVSS 2 - Confidentiality Impact | PARTIAL |
CVSS 2 - Availability Impact | PARTIAL |
CVSS 2 - Base Score | 7.5 |
Severity | HIGH |
Exploitability Score | 10.0 |
Impact Score | 6.4 |
Obtain All Privilege | false |
Obtain User Privilege | false |
Obtain Other Privilege | false |
Base Metric V3
CVSS 3 - Version | 3.0 |
CVSS 3 - Vector String | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
CVSS 3 - Attack Vector | NETWORK |
CVSS 3 - Attack Complexity | LOW |
CVSS 3 - Privileges Required | NONE |
CVSS 3 - User Interaction | NONE |
CVSS 3 - Scope | UNCHANGED |
CVSS 3 - Confidentiality Impact | HIGH |
CVSS 3 - Integrity Impact | HIGH |
CVSS 3 - Availability Impact | HIGH |
CVSS 3 - Base Score | 9.8 |
CVSS 3 - Base Severity | CRITICAL |
Exploitability Score | 3.9 |
Base Severity | CRITICAL |
Configurations
-
AND
-
OR - Configuration 1
Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding |
2.3 | OS | Hp | L2683a Firmware | * | * | * | * | * | * | * | * | |