Vulnerability Description
The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | 8100C Digital Sender | - |
| Hp | 9100C Digital Sender | - |
| Hp | 9200C Digital Sender | - |
| Hp | 9250C Digital Sender | - |
| Hp | Color Laserjet | All versions |
| Hp | Color Laserjet 1500 | All versions |
| Hp | Color Laserjet 2500 | All versions |
| Hp | Color Laserjet 2500L | All versions |
| Hp | Color Laserjet 2500Lse | All versions |
| Hp | Color Laserjet 2500N | All versions |
| Hp | Color Laserjet 2500Tn | All versions |
| Hp | Color Laserjet 2605Dtn | All versions |
| Hp | Color Laserjet 4370Mfp | 20081211_46.211.2 |
| Hp | Color Laserjet 4600 | All versions |
| Hp | Color Laserjet 4600Dn | All versions |
| Hp | Color Laserjet 4600Dtn | All versions |
| Hp | Color Laserjet 4600Hdn | All versions |
| Hp | Color Laserjet 4650 | All versions |
| Hp | Color Laserjet 4700 | All versions |
| Hp | Color Laserjet 4730 Mfp | All versions |
Related Weaknesses (CWE)
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566Vendor Advisory
- http://www.louhinetworks.fi/advisory/HP_20090317.txt
- http://www.securityfocus.com/archive/1/501884/100/0/threaded
- http://www.vupen.com/english/advisories/2009/0754
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566Vendor Advisory
- http://www.louhinetworks.fi/advisory/HP_20090317.txt
- http://www.securityfocus.com/archive/1/501884/100/0/threaded
- http://www.vupen.com/english/advisories/2009/0754
FAQ
What is CVE-2009-0941?
CVE-2009-0941 is a vulnerability with a CVSS score of 7.6 (HIGH). The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access.
How severe is CVE-2009-0941?
CVE-2009-0941 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0941?
Check the references section above for vendor advisories and patch information. Affected products include: Hp 8100C Digital Sender, Hp 9100C Digital Sender, Hp 9200C Digital Sender, Hp 9250C Digital Sender, Hp Color Laserjet.