Vulnerability Description
A potential security vulnerability has been identified with certain HP printers and MFPs in 2405129_000052 and other firmware versions. This vulnerability is known as Cross Site Request Forgery, and could potentially be exploited remotely to allow elevation of privilege.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | F2A70A Firmware | < 2405129_000052 |
| Hp | F2A70A | - |
| Hp | F2A71A Firmware | < 2405129_000052 |
| Hp | F2A71A | - |
| Hp | F2A67A Firmware | < 2405129_000052 |
| Hp | F2A67A | - |
| Hp | B5L26A Firmware | < 2405129_000056 |
| Hp | B5L26A | - |
| Hp | B5L39A Firmware | < 2405129_000056 |
| Hp | B5L39A | - |
| Hp | C2S11A Firmware | < 2405129_000055 |
| Hp | C2S11A | - |
| Hp | C2S11V Firmware | < 2405129_000055 |
| Hp | C2S11V | - |
| Hp | C2S12A Firmware | < 2405129_000055 |
| Hp | C2S12A | - |
| Hp | C2S12V Firmware | < 2405129_000055 |
| Hp | C2S12V | - |
| Hp | L1H45A Firmware | < 2405129_000055 |
| Hp | L1H45A | - |
Related Weaknesses (CWE)
References
- https://support.hp.com/us-en/document/c05949322Vendor Advisory
- https://support.hp.com/us-en/document/c05949322Vendor Advisory
FAQ
What is CVE-2018-5921?
CVE-2018-5921 is a vulnerability with a CVSS score of 8.8 (HIGH). A potential security vulnerability has been identified with certain HP printers and MFPs in 2405129_000052 and other firmware versions. This vulnerability is known as Cross Site Request Forgery, and c...
How severe is CVE-2018-5921?
CVE-2018-5921 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-5921?
Check the references section above for vendor advisories and patch information. Affected products include: Hp F2A70A Firmware, Hp F2A70A, Hp F2A71A Firmware, Hp F2A71A, Hp F2A67A Firmware.