1. Home
  2. CVE Database
  3. CVE-2023-1526
MEDIUM · 4.6

CVE-2023-1526

Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer.

Vulnerability Description

Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer.

CVSS Score

4.6

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
HpDesignjet Z6 Firmware< jgr6_09_22_51.2
HpDesignjet Z6-
HpDesignjet Z6Dr Firmware< jgr6_09_22_51.2
HpDesignjet Z6Dr-
HpDesignjet Z9 Firmware< jgr9_09_22_51.2
HpDesignjet Z9-
HpDesignjet Z9Dr Firmware< jgr9_09_22_51.2
HpDesignjet Z9Dr-
HpDesignjet Z9\+ Pro Firmware-
HpDesignjet Z9\+ Pro-
HpPagewide Xl 4700_firmware
HpPagewide Xl 4500_firmware
HpPagewide Xl 4100_firmware
HpPagewide Xl 4600_firmware
HpPagewide Xl 8000_firmware

References

FAQ

What is CVE-2023-1526?

CVE-2023-1526 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer.

How severe is CVE-2023-1526?

CVE-2023-1526 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-1526?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Designjet Z6 Firmware, Hp Designjet Z6, Hp Designjet Z6Dr Firmware, Hp Designjet Z6Dr, Hp Designjet Z9 Firmware.