CVE-2023-1707 — HIGH (7.5) — White Hats Nepal

Q: What is CVE-2023-1707?

CVE-2023-1707 is a vulnerability with a CVSS score of 7.5 (HIGH). Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with FutureSmart version 5.6.

Q: How severe is CVE-2023-1707?

CVE-2023-1707 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-1707?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Futuresmart 5, Hp Color Laserjet Enterprise 5700 49K98A, Hp Color Laserjet Enterprise 5700 6Qn28A, Hp Color Laserjet Enterprise 6700 49L00A, Hp Color Laserjet Enterprise 6700 4Y280A.

Vulnerability Description

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with FutureSmart version 5.6.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Hp	Futuresmart 5	< 5.6.0.2
Hp	Color Laserjet Enterprise 5700 49K98A	-
Hp	Color Laserjet Enterprise 5700 6Qn28A	-
Hp	Color Laserjet Enterprise 6700 49L00A	-
Hp	Color Laserjet Enterprise 6700 4Y280A	-
Hp	Color Laserjet Enterprise 6700 58M42A	-
Hp	Color Laserjet Enterprise 6700 6Qn33A	-
Hp	Color Laserjet Enterprise 6701 49L00A	-
Hp	Color Laserjet Enterprise 6701 4Y280A	-
Hp	Color Laserjet Enterprise 6701 58M42A	-
Hp	Color Laserjet Enterprise 6701 6Qn33A	-
Hp	Color Laserjet Enterprise Flow Mfp 5800 49K96Av	-
Hp	Color Laserjet Enterprise Flow Mfp 5800 58R10A	-
Hp	Color Laserjet Enterprise Flow Mfp 5800 6Qn29A	-
Hp	Color Laserjet Enterprise Flow Mfp 5800 6Qn30A	-
Hp	Color Laserjet Enterprise Flow Mfp 5800 6Qn31A	-
Hp	Color Laserjet Enterprise Flow Mfp 6800 49K84A	-
Hp	Color Laserjet Enterprise Flow Mfp 6800 4Y279A	-
Hp	Color Laserjet Enterprise Flow Mfp 6800 6Qn35A	-
Hp	Color Laserjet Enterprise Flow Mfp 6800 6Qn36A	-

Related Weaknesses (CWE)

CWE-203

References

https://support.hp.com/us-en/document/ish_7905330-7905358-16/hpsbpi03838Vendor Advisory
https://support.hp.com/us-en/document/ish_7905330-7905358-16/hpsbpi03838Vendor Advisory

FAQ

What is CVE-2023-1707?

CVE-2023-1707 is a vulnerability with a CVSS score of 7.5 (HIGH). Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with FutureSmart version 5.6.

How severe is CVE-2023-1707?

CVE-2023-1707 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-1707?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Futuresmart 5, Hp Color Laserjet Enterprise 5700 49K98A, Hp Color Laserjet Enterprise 5700 6Qn28A, Hp Color Laserjet Enterprise 6700 49L00A, Hp Color Laserjet Enterprise 6700 4Y280A.