National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2017-2750 Detail

Current Description

Insufficient Solution DLL Signature Validation allows potential execution of arbitrary code in HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP OfficeJet Enterprise printers before 2308937_578479, 2405087_018548, and other firmware versions.

Source:  MITRE
Description Last Modified:  01/23/2018
View Analysis Description

Impact

CVSS v3.0 Severity and Metrics:

Base Score: 9.8 CRITICAL
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (V3 legend)
Impact Score: 5.9
Exploitability Score: 3.9


Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): High
Availability (A): High

CVSS v2.0 Severity and Metrics:

Base Score: 7.5 HIGH
Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) (V2 legend)
Impact Subscore: 6.4
Exploitability Subscore: 10.0


Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (AU): None
Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Additional Information:
Allows unauthorized disclosure of information
Allows unauthorized modification
Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
http://www.securityfocus.com/bid/101965 Third Party Advisory VDB Entry
https://support.hp.com/us-en/document/c05839270 Mitigation Vendor Advisory

Technical Details

Vulnerability Type (View All)

Vulnerable software and versions Switch to CPE 2.2

Configuration 1
AND
OR
cpe:2.3:o:hp:l2683a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018552
OR
cpe:2.3:h:hp:l2683a:-:*:*:*:*:*:*:*
Configuration 2
AND
OR
cpe:2.3:o:hp:l2717a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578486
OR
cpe:2.3:h:hp:l2717a:-:*:*:*:*:*:*:*
Configuration 3
AND
OR
cpe:2.3:o:hp:l2762a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578483
OR
cpe:2.3:h:hp:l2762a:-:*:*:*:*:*:*:*
Configuration 4
AND
OR
cpe:2.3:o:hp:l2762a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018553
OR
cpe:2.3:h:hp:l2762a:-:*:*:*:*:*:*:*
Configuration 5
AND
OR
cpe:2.3:o:hp:j7z13a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018548
OR
cpe:2.3:h:hp:j7z13a:-:*:*:*:*:*:*:*
Configuration 6
AND
OR
cpe:2.3:o:hp:z5g79a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018548
OR
cpe:2.3:h:hp:z5g79a:-:*:*:*:*:*:*:*
Configuration 7
AND
OR
cpe:2.3:o:hp:l3u42a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405129_000066
OR
cpe:2.3:h:hp:l3u42a:-:*:*:*:*:*:*:*
Configuration 8
AND
OR
cpe:2.3:o:hp:l3u42a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578492
OR
cpe:2.3:h:hp:l3u42a:-:*:*:*:*:*:*:*
Configuration 9
AND
OR
cpe:2.3:o:hp:j7z08a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018548
OR
cpe:2.3:h:hp:j7z08a:-:*:*:*:*:*:*:*
Configuration 10
AND
OR
cpe:2.3:o:hp:j7z14a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018548
OR
cpe:2.3:h:hp:j7z14a:-:*:*:*:*:*:*:*
Configuration 11
AND
OR
cpe:2.3:o:hp:z5g77a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018548
OR
cpe:2.3:h:hp:z5g77a:-:*:*:*:*:*:*:*
Configuration 12
AND
OR
cpe:2.3:o:hp:j7z03a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018548
OR
cpe:2.3:h:hp:j7z03a:-:*:*:*:*:*:*:*
Configuration 13
AND
OR
cpe:2.3:o:hp:j7z07a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018548
OR
cpe:2.3:h:hp:j7z07a:-:*:*:*:*:*:*:*
Configuration 14
AND
OR
cpe:2.3:o:hp:j7z05a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018548
OR
cpe:2.3:h:hp:j7z05a:-:*:*:*:*:*:*:*
Configuration 15
AND
OR
cpe:2.3:o:hp:l3u43a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405129_000066
OR
cpe:2.3:h:hp:l3u43a:-:*:*:*:*:*:*:*
Configuration 16
AND
OR
cpe:2.3:o:hp:l3u43a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578492
OR
cpe:2.3:h:hp:l3u43a:-:*:*:*:*:*:*:*
Configuration 17
AND
OR
cpe:2.3:o:hp:g1w41a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405129_000066
OR
cpe:2.3:h:hp:g1w41a:-:*:*:*:*:*:*:*
Configuration 18
AND
OR
cpe:2.3:o:hp:g1w41v_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405129_000066
OR
cpe:2.3:h:hp:g1w41v:-:*:*:*:*:*:*:*
Configuration 19
AND
OR
cpe:2.3:o:hp:g1w41v_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578492
OR
cpe:2.3:h:hp:g1w41v:-:*:*:*:*:*:*:*
Configuration 20
AND
OR
cpe:2.3:o:hp:g1w41a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578492
OR
cpe:2.3:h:hp:g1w41a:-:*:*:*:*:*:*:*
Configuration 21
AND
OR
cpe:2.3:o:hp:j7z06a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018564
OR
cpe:2.3:h:hp:j7z06a:-:*:*:*:*:*:*:*
Configuration 22
AND
OR
cpe:2.3:o:hp:g1w46a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405129_000051
OR
cpe:2.3:h:hp:g1w46a:-:*:*:*:*:*:*:*
Configuration 23
AND
OR
cpe:2.3:o:hp:g1w46v_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405129_000051
OR
cpe:2.3:h:hp:g1w46v:-:*:*:*:*:*:*:*
Configuration 24
AND
OR
cpe:2.3:o:hp:g1w47v_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405129_000051
OR
cpe:2.3:h:hp:g1w47v:-:*:*:*:*:*:*:*
Configuration 25
AND
OR
cpe:2.3:o:hp:l3u44a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405129_000051
OR
cpe:2.3:h:hp:l3u44a:-:*:*:*:*:*:*:*
Configuration 26
AND
OR
cpe:2.3:o:hp:g1w46a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578491
OR
cpe:2.3:h:hp:g1w46a:-:*:*:*:*:*:*:*
Configuration 27
AND
OR
cpe:2.3:o:hp:g1w46v_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578491
OR
cpe:2.3:h:hp:g1w46v:-:*:*:*:*:*:*:*
Configuration 28
AND
OR
cpe:2.3:o:hp:g1w47a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578491
OR
cpe:2.3:h:hp:g1w47a:-:*:*:*:*:*:*:*
Configuration 29
AND
OR
cpe:2.3:o:hp:g1w47v_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578491
OR
cpe:2.3:h:hp:g1w47v:-:*:*:*:*:*:*:*
Configuration 30
AND
OR
cpe:2.3:o:hp:l3u44a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578491
OR
cpe:2.3:h:hp:l3u44a:-:*:*:*:*:*:*:*
Configuration 31
AND
OR
cpe:2.3:o:hp:j7z09a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018548
OR
cpe:2.3:h:hp:j7z09a:-:*:*:*:*:*:*:*
Configuration 32
AND
OR
cpe:2.3:o:hp:j7z10a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018548
OR
cpe:2.3:h:hp:j7z10a:-:*:*:*:*:*:*:*
Configuration 33
AND
OR
cpe:2.3:o:hp:j7z11a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018548
OR
cpe:2.3:h:hp:j7z11a:-:*:*:*:*:*:*:*
Configuration 34
AND
OR
cpe:2.3:o:hp:j7z12a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018548
OR
cpe:2.3:h:hp:j7z12a:-:*:*:*:*:*:*:*
Configuration 35
AND
OR
cpe:2.3:o:hp:g1w39a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405129_000066
OR
cpe:2.3:h:hp:g1w39a:-:*:*:*:*:*:*:*
Configuration 36
AND
OR
cpe:2.3:o:hp:g1w39v_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405129_000066
OR
cpe:2.3:h:hp:g1w39v:-:*:*:*:*:*:*:*
Configuration 37
AND
OR
cpe:2.3:o:hp:g1w40a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405129_000066
OR
cpe:2.3:h:hp:g1w40a:-:*:*:*:*:*:*:*
Configuration 38
AND
OR
cpe:2.3:o:hp:g1w40v_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405129_000066
OR
cpe:2.3:h:hp:g1w40v:-:*:*:*:*:*:*:*
Configuration 39
AND
OR
cpe:2.3:o:hp:g1w39a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578492
OR
cpe:2.3:h:hp:g1w39a:-:*:*:*:*:*:*:*
Configuration 40
AND
OR
cpe:2.3:o:hp:g1w39v_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578492
OR
cpe:2.3:h:hp:g1w39v:-:*:*:*:*:*:*:*
Configuration 41
AND
OR
cpe:2.3:o:hp:g1w40a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578492
OR
cpe:2.3:h:hp:g1w40a:-:*:*:*:*:*:*:*
Configuration 42
AND
OR
cpe:2.3:o:hp:g1w40v_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578492
OR
cpe:2.3:h:hp:g1w40v:-:*:*:*:*:*:*:*
Configuration 43
AND
OR
cpe:2.3:o:hp:j7z04a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405087_018564
OR
cpe:2.3:h:hp:j7z04a:-:*:*:*:*:*:*:*
Configuration 44
AND
OR
cpe:2.3:o:hp:c2s11a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578482
OR
cpe:2.3:h:hp:c2s11a:-:*:*:*:*:*:*:*
Configuration 45
AND
OR
cpe:2.3:o:hp:c2s12a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578482
OR
cpe:2.3:h:hp:c2s12a:-:*:*:*:*:*:*:*
Configuration 46
AND
OR
cpe:2.3:o:hp:c2s11v_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578482
OR
cpe:2.3:h:hp:c2s11v:-:*:*:*:*:*:*:*
Configuration 47
AND
OR
cpe:2.3:o:hp:c2s12v_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578482
OR
cpe:2.3:h:hp:c2s12v-:-:*:*:*:*:*:*:*
Configuration 48
AND
OR
cpe:2.3:o:hp:l1h45a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2308937_578482
OR
cpe:2.3:h:hp:l1h45a:-:*:*:*:*:*:*:*
Configuration 49
AND
OR
cpe:2.3:o:hp:b5l06a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405129_000050
OR
cpe:2.3:h:hp:b5l06a:-:*:*:*:*:*:*:*
Configuration 50
AND
OR
cpe:2.3:o:hp:b5l06v_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405129_000050
OR
cpe:2.3:h:hp:b5l06v:-:*:*:*:*:*:*:*
Configuration 51
AND
OR
cpe:2.3:o:hp:b5l07a_firmware:*:*:*:*:*:*:*:*    versions up to (excluding) 2405129_000050
Configuration 52
Configuration 53
Configuration 54
Configuration 55
Configuration 56
Configuration 57
Configuration 58
Configuration 59
Configuration 60
Configuration 61
Configuration 62
Configuration 63
Configuration 64
Configuration 65
Configuration 66
Configuration 67
Configuration 68
Configuration 69
Configuration 70
Configuration 71
Configuration 72
Configuration 73
Configuration 74
Configuration 75
Configuration 76
Configuration 77
Configuration 78
Configuration 79
Configuration 80
Configuration 81
Configuration 82
Configuration 83
Configuration 84
Configuration 85
Configuration 86
Configuration 87
Configuration 88
Configuration 89
Configuration 90
Configuration 91
Configuration 92
Configuration 93
Configuration 94
Configuration 95
Configuration 96
Configuration 97
Configuration 98
Configuration 99
Configuration 100
Configuration 101
Configuration 102
Configuration 103
Configuration 104
Configuration 105
Configuration 106
Configuration 107
Configuration 108
Configuration 109
Configuration 110
Configuration 111
Configuration 112
Configuration 113
Configuration 114
Configuration 115
Configuration 116
Configuration 117
Configuration 118
Configuration 119
Configuration 120
Configuration 121
Configuration 122
Configuration 123
Configuration 124
Configuration 125
Configuration 126
Configuration 127
Configuration 128
Configuration 129
Configuration 130
Configuration 131
Configuration 132
Configuration 133
Configuration 134
Configuration 135
Configuration 136
Configuration 137
Configuration 138
Configuration 139
Configuration 140
Configuration 141
Configuration 142
Configuration 143
Configuration 144
Configuration 145
Configuration 146
Configuration 147
Configuration 148
Configuration 149
Configuration 150
Configuration 151
Configuration 152
Configuration 153
Configuration 154
Configuration 155
Configuration 156
Configuration 157
Configuration 158
Configuration 159
Configuration 160
Configuration 161
Configuration 162
Configuration 163
Configuration 164
Configuration 165
Configuration 166
Configuration 167
Configuration 168
Configuration 169
Configuration 170
Configuration 171
Configuration 172
Configuration 173
Configuration 174
Configuration 175
Configuration 176
Configuration 177
Configuration 178
Configuration 179
Configuration 180
Configuration 181
Configuration 182
Configuration 183
Configuration 184
Configuration 185
Configuration 186
Configuration 187
Configuration 188
Configuration 189
Configuration 190
Configuration 191
Configuration 192
Configuration 193
Configuration 194
Configuration 195
Configuration 196
Configuration 197
Configuration 198
Configuration 199
Configuration 200
Configuration 201
Configuration 202
Configuration 203
Configuration 204
Configuration 205
Configuration 206
Configuration 207
Configuration 208
Configuration 209
Configuration 210
Configuration 211
Configuration 212
Configuration 213
Configuration 214
Configuration 215
Configuration 216
Configuration 217
Configuration 218
Configuration 219
Configuration 220
Configuration 221
Configuration 222
Configuration 223
Configuration 224
Configuration 225
Configuration 226
Configuration 227
Configuration 228
Configuration 229
Configuration 230
Configuration 231
Configuration 232
Configuration 233
Configuration 234
Configuration 235
Configuration 236
Configuration 237
Configuration 238
Configuration 239
Configuration 240
Configuration 241
Configuration 242
Configuration 243
Configuration 244
Showing 100 of 488 CPEs, view all CPEs here.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

2 change records found - show changes

Quick Info

CVE Dictionary Entry:
CVE-2017-2750
NVD Published Date:
01/23/2018
NVD Last Modified:
02/21/2018