HP LaserJet/OfficeJet Enterprise/PageWide 跨站脚本攻击
CVE编号
CVE-2017-2743利用情况
暂无补丁情况
N/A披露时间
2018-01-24漏洞描述
HP Color LaserJet CM4540 MFP CC419A等都是美国惠普(HP)公司的打印机设备。 多款HP产品中存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意的Web脚本或HTML。解决建议
目前厂商已发布升级补丁以修复漏洞,补丁获取链接:https://support.hp.com/us-en/document/c05541569
参考链接 |
|
|---|---|
| https://support.hp.com/us-en/document/c05541569 |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | hp | 2a68a_firmware | * | Up to (excluding) 2308214_000911 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | 2a69a_firmware | * | Up to (excluding) 2308214_000911 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | 2a70a_firmware | * | Up to (excluding) 2308214_000911 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | 2a71a_firmware | * | Up to (excluding) 2308214_000911 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | a2w75a_firmware | * | Up to (excluding) 2308214_000928 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | a2w76a_firmware | * | Up to (excluding) 2308214_000928 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | a2w77a_firmware | * | Up to (excluding) 2308214_000930 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | a2w78a_firmware | * | Up to (excluding) 2308214_000930 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | a2w79a_firmware | * | Up to (excluding) 2308214_000930 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | b3g85a_firmware | * | Up to (excluding) 2308214_000912 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | b5l04a_firmware | * | Up to (excluding) 2308214_000902 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | b5l05a_firmware | * | Up to (excluding) 2308214_000902 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | b5l07a_firmware | * | Up to (excluding) 2308214_000902 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | b5l23a_firmware | * | Up to (excluding) 2308214_000907 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | b5l24a_firmware | * | Up to (excluding) 2308214_000907 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | b5l25a_firmware | * | Up to (excluding) 2308214_000907 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | b5l26a_firmware | * | Up to (excluding) 2308214_000907 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | b5l46a_firmware | * | Up to (excluding) 2308214_000909 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | b5l47a_firmware | * | Up to (excluding) 2308214_000909 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | b5l48a_firmware | * | Up to (excluding) 2308214_000909 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | c2s11a_firmware | * | Up to (excluding) 2308214_000906 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | c2s12a_firmware | * | Up to (excluding) 2308214_000906 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cc419a_firmware | * | Up to (excluding) 2308214_000901 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cc420a_firmware | * | Up to (excluding) 2308214_000901 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cc421a_firmware | * | Up to (excluding) 2308214_000901 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cc522a_firmware | * | Up to (excluding) 2308214_000932 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cc523a_firmware | * | Up to (excluding) 2308214_000932 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cc524a_firmware | * | Up to (excluding) 2308214_000932 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cd644a_firmware | * | Up to (excluding) 2308214_000925 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cd645a_firmware | * | Up to (excluding) 2308214_000925 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cd646a_firmware | * | Up to (excluding) 2308214_000925 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | ce503a_firmware | * | Up to (excluding) 2308214_000904 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | ce504a_firmware | * | Up to (excluding) 2308214_000904 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | ce707a_firmware | * | Up to (excluding) 2308214_000900 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | ce708a_firmware | * | Up to (excluding) 2308214_000900 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | ce709a_firmware | * | Up to (excluding) 2308214_000900 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | ce738a_firmware | * | Up to (excluding) 2308214_000904 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | ce989a_firmware | * | Up to (excluding) 2308214_000926 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | ce990a_firmware | * | Up to (excluding) 2308214_000926 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | ce991a_firmware | * | Up to (excluding) 2308214_000926 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | ce992a_firmware | * | Up to (excluding) 2308214_000926 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | ce993a_firmware | * | Up to (excluding) 2308214_000926 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | ce994a_firmware | * | Up to (excluding) 2308214_000926 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | ce995a_firmware | * | Up to (excluding) 2308214_000926 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | ce996a_firmware | * | Up to (excluding) 2308214_000926 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cf066a_firmware | * | Up to (excluding) 2308214_000921 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cf067a_firmware | * | Up to (excluding) 2308214_000921 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cf068a_firmware | * | Up to (excluding) 2308214_000921 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cf069a_firmware | * | Up to (excluding) 2308214_000921 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cf081a_firmware | * | Up to (excluding) 2308214_000927 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cf082a_firmware | * | Up to (excluding) 2308214_000927 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cf083a_firmware | * | Up to (excluding) 2308214_000927 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cf116a_firmware | * | Up to (excluding) 2308214_000913 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cf117a_firmware | * | Up to (excluding) 2308214_000913 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cf118a_firmware | * | Up to (excluding) 2308214_000913 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cf235a_firmware | * | Up to (excluding) 2308214_000922 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cf236a_firmware | * | Up to (excluding) 2308214_000922 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cf238a_firmware | * | Up to (excluding) 2308214_000922 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cf367a_firmware | * | Up to (excluding) 2308214_000916 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cz244a_firmware | * | Up to (excluding) 2308214_000920 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | cz245a_firmware | * | Up to (excluding) 2308214_000920 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | d3l08a_firmware | * | Up to (excluding) 2308214_000931 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | d3l09a_firmware | * | Up to (excluding) 2308214_000931 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | d3l10a_firmware | * | Up to (excluding) 2308214_000931 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | d7p70a_firmware | * | Up to (excluding) 2308214_000928 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | d7p71a_firmware | * | Up to (excluding) 2308214_000928 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | e6b67a_firmware | * | Up to (excluding) 2308214_000908 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | e6b68a_firmware | * | Up to (excluding) 2308214_000908 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | e6b69a_firmware | * | Up to (excluding) 2308214_000908 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | e6b70a_firmware | * | Up to (excluding) 2308214_000908 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | e6b71a_firmware | * | Up to (excluding) _2308214_000908 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | e6b72a_firmware | * | Up to (excluding) 2308214_000908 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | e6b73a_firmware | * | Up to (excluding) 2308214_000908 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | f2a76a_firmware | * | Up to (excluding) 2308214_000905 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | f2a77a_firmware | * | Up to (excluding) 2308214_000905 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | f2a81a_firmware | * | Up to (excluding) 2308214_000905 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | g1w39a_firmware | * | Up to (excluding) 2308214_000923 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | g1w40a_firmware | * | Up to (excluding) 2308214_000923 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | g1w41a_firmware | * | Up to (excluding) 2308214_000923 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | g1w46a_firmware | * | Up to (excluding) 2308214_000910 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | g1w46v_firmware | * | Up to (excluding) 2308214_000910 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | g1w47a_firmware | * | Up to (excluding) 2308214_000910 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | g1w47v_firmware | * | Up to (excluding) 2308214_000910 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | j7x28a_firmware | * | Up to (excluding) _2308214_000912 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | l2717a_firmware | * | Up to (excluding) 2308214_000903 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | l3u42a_firmware | * | Up to (excluding) 2308214_000923 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | l3u43a_firmware | * | Up to (excluding) 2308214_000923 | |||||
| 运行在以下环境 | |||||||||
| 系统 | hp | l3u44a_firmware | * | Up to (excluding) 2308214_000910 | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | 2a68a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | 2a69a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | 2a70a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | 2a71a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | a2w75a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | a2w76a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | a2w77a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | a2w78a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | a2w79a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | b3g85a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | b5l04a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | b5l05a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | b5l07a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | b5l23a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | b5l24a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | b5l25a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | b5l26a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | b5l46a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | b5l47a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | b5l48a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | c2s11a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | c2s12a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cc419a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cc420a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cc421a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cc522a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cc523a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cc524a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cd644a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cd646a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | ce503a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | ce504a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | ce707a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | ce708a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | ce709a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | ce738a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | ce989a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | ce990a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | ce991a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | ce992a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | ce993a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | ce994a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | ce995a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | ce996a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cf066a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cf067a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cf068a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cf069a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cf081a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cf082a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cf083a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cf116a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cf117a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cf118a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cf235a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cf236a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cf238a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cf367a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cz244a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | cz245a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | d3l08a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | d3l09a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | d3l10a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | d7p70a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | d7p71a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | e6b67a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | e6b68a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | e6b69a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | e6b70a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | e6b71a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | e6b72a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | e6b73a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | f2a76a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | f2a77a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | f2a81a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | g1w39a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | g1w40a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | g1w41a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | g1w46a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | g1w46v | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | g1w47a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | g1w47v | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | j7x28a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | l2717a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | l3u42a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | l3u43a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | hp | l3u44a | - | - | |||||
- 攻击路径 网络
- 攻击复杂度 低
- 权限要求 无
- 影响范围 已更改
- 用户交互 需要
- 可用性 无
- 保密性 低
- 完整性 低
| CWE-ID | 漏洞类型 |
| CWE-79 | 在Web页面生成时对输入的转义处理不恰当(跨站脚本) |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论