Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-6332

A potential security vulnerability has been identified with certain HP InkJet printers. The vulnerability could be exploited to allow cross-site scripting (XSS). Affected products and versions include: HP DeskJet 2600 All-in-One Printer series model numbers 4UJ28B, V1N01A - V1N08A, Y5H60A - Y5H80A; HP DeskJet Ink Advantage 2600 All-in-One Printer series model numbers V1N02A - V1N02B, Y5Z00A - Y5Z04B; HP DeskJet Ink Advantage 5000 All-in-One Printer series model numbers M2U86A - M2U89B; HP DeskJet Ink Advantage 5200 All-in-One Printer series model numbers M2U76A - M2U78B; HP ENVY 5000 All-in-One Printer series model numbers M2U85A - M2U85B, M2U91A - M2U94B, Z4A54A - Z4A74A; HP ENVY Photo 6200 All-in-One Printer series model numbers K7G18A-K7G26B, K7S21B, Y0K13D - Y0K15A; HP ENVY Photo 7100 All-in-One Printer series model numbers 3XD89A, K7G93A-K7G99A, Z3M37A - Z3M52A; HP ENVY Photo 7800 All-in-One Printer series model numbers K7R96A, K7S00A - K7S10D, Y0G42D - Y0G52B; HP Ink Tank Wireless 410 series model numbers Z4B53A - Z4B55A, Z6Z95A - Z6Z99A, 4DX94A - 4DX95A, 4YF79A, Z7A01A; HP OfficeJet 5200 All-in-One Printer series model numbers M2U75A, M2U81A-M2U84B, Z4B12A - Z4B14A, Z4B27A - Z4B29A; HP Smart Tank Wireless 450 series model numbers Z4B56A, Z6Z96A - Z6Z98A.

Security Impact Summary

This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 4.8, indicating it can be exploited remotely over the network with relatively low complexity though user interaction is required . The vulnerability impacts limited data confidentiality, limited integrity, for affected systems. Impacting 104 products from hp, from hp, from hp and 101 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2020, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2020-01-09T19:15:10.730

Last Modified

2024-11-21T04:46:25.620

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.8 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:S/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

6.8

Impact Score

2.9

Weaknesses

Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	hp	deskjet_2600_4uj28b_firmware	< 1923	Yes
Hardware	hp	deskjet_2600_4uj28b	-	No
Operating System	hp	deskjet_2600_v1n01a_firmware	< 1923	Yes
Hardware	hp	deskjet_2600_v1n01a	-	No
Operating System	hp	deskjet_2600_v1n08a_firmware	< 1923	Yes
Hardware	hp	deskjet_2600_v1n08a	-	No
Operating System	hp	deskjet_2600_y5h60a_firmware	< 1923	Yes
Hardware	hp	deskjet_2600_y5h60a	-	No
Operating System	hp	deskjet_2600_y5h80a_firmware	< 1923	Yes
Hardware	hp	deskjet_2600_y5h80a	-	No
Operating System	hp	deskjet_ink_advantage_2600_v1n02a_firmware	< 1923	Yes
Hardware	hp	deskjet_ink_advantage_2600_v1n02a	-	No
Operating System	hp	deskjet_ink_advantage_2600_v1n02b_firmware	< 1923	Yes
Hardware	hp	deskjet_ink_advantage_2600_v1n02b	-	No
Operating System	hp	deskjet_ink_advantage_2600_y5z00a_firmware	< 1923	Yes
Hardware	hp	deskjet_ink_advantage_2600_y5z00a	-	No
Operating System	hp	deskjet_ink_advantage_2600_y5z04b_firmware	≤ 1923	Yes
Hardware	hp	deskjet_ink_advantage_2600_y5z04b	-	No
Operating System	hp	deskjet_ink_advantage_5000_m2u86a_firmware	< 003.1925a	Yes
Hardware	hp	deskjet_ink_advantage_5000_m2u86a	-	No
Operating System	hp	deskjet_ink_advantage_5000_m2u89b_firmware	< 003.1925a	Yes
Hardware	hp	deskjet_ink_advantage_5000_m2u89b	-	No
Operating System	hp	deskjet_ink_advantage_5200_m2u76a_firmware	< 003.1925a	Yes
Hardware	hp	deskjet_ink_advantage_5200_m2u76a_	-	No
Operating System	hp	deskjet_ink_advantage_5200_m2u78b_firmware	< 003.1925a	Yes
Hardware	hp	deskjet_ink_advantage_5200_m2u78b	-	No
Operating System	hp	envy_5000_m2u85a_firmware	< 003.1925a	Yes
Hardware	hp	envy_5000_m2u85a	-	No
Operating System	hp	envy_5000_m2u85b_firmware	< 003.1925a	Yes
Hardware	hp	envy_5000_m2u85b	-	No
Operating System	hp	envy_5000_m2u91a_firmware	< 003.1925a	Yes
Hardware	hp	envy_5000_m2u91a	-	No
Operating System	hp	envy_5000_m2u94b_firmware	< 003.1925a	Yes
Hardware	hp	envy_5000_m2u94b	-	No
Operating System	hp	envy_5000_z4a54a_firmware	< 003.1925a	Yes
Hardware	hp	envy_5000_z4a54a	-	No
Operating System	hp	envy_5000_z4a74a_firmware	< 003.1925a	Yes
Hardware	hp	envy_5000_z4a74a	-	No
Operating System	hp	envy_photo_6200_k7g18a_firmware	< 003.1925a	Yes
Hardware	hp	envy_photo_6200_k7g18a	-	No
Operating System	hp	envy_photo_6200_k7g26b_firmware	< 003.1925a	Yes
Hardware	hp	envy_photo_6200_k7g26b	-	No
Operating System	hp	envy_photo_6200_k7s21b_firmware	< 003.1925a	Yes
Hardware	hp	envy_photo_6200_k7s21b	-	No
Operating System	hp	envy_photo_6200_y0k13d__firmware	< 003.1925a	Yes
Hardware	hp	envy_photo_6200_y0k13d_	-	No
Operating System	hp	envy_photo_6200_y0k15a_firmware	< 003.1925a	Yes
Hardware	hp	envy_photo_6200_y0k15a	-	No
Operating System	hp	envy_photo_7100_3xd89a_firmware	< 003.1925a	Yes
Hardware	hp	envy_photo_7100_3xd89a	-	No
Operating System	hp	envy_photo_7100_k7g93a_firmware	< 003.1925a	Yes
Hardware	hp	envy_photo_7100_k7g93a	-	No
Operating System	hp	envy_photo_7100_k7g99a_firmware	< 003.1925a	Yes
Hardware	hp	envy_photo_7100_k7g99a	-	No
Operating System	hp	envy_photo_7100_z3m37a_firmware	< 003.1925a	Yes
Hardware	hp	envy_photo_7100_z3m37a	-	No
Operating System	hp	envy_photo_7100_z3m52a_firmware	< 003.1925a	Yes
Hardware	hp	envy_photo_7100_z3m52a	-	No
Operating System	hp	envy_photo_7800_k7r96a_firmware	< 003.1925a	Yes
Hardware	hp	envy_photo_7800_k7r96a	-	No
Operating System	hp	envy_photo_7800_k7s00a_firmware	< 003.1925a	Yes
Hardware	hp	envy_photo_7800_k7s00a	-	No
Operating System	hp	envy_photo_7800_k7s10d_firmware	< 003.1925a	Yes
Hardware	hp	envy_photo_7800_k7s10d	-	No
Operating System	hp	envy_photo_7800_y0g42d_firmware	< 003.1925a	Yes
Hardware	hp	envy_photo_7800_y0g42d	-	No
Operating System	hp	envy_photo_7800_y0g52b_firmware	< 003.1925a	Yes
Hardware	hp	envy_photo_7800_y0g52b	-	No
Operating System	hp	ink_tank_wireless_410_z4b53a_firmware	< 1924	Yes
Hardware	hp	ink_tank_wireless_410_z4b53a	-	No
Operating System	hp	ink_tank_wireless_410_z4b55a_firmware	< 1924	Yes
Hardware	hp	ink_tank_wireless_410_z4b55a	-	No
Operating System	hp	ink_tank_wireless_410_z6z95a_firmware	< 1924	Yes
Hardware	hp	ink_tank_wireless_410_z6z95a	-	No
Operating System	hp	ink_tank_wireless_410_z6z99a_firmware	< 1924	Yes
Hardware	hp	ink_tank_wireless_410_z6z99a	-	No
Operating System	hp	ink_tank_wireless_410_4dx94a_firmware	< 1924	Yes
Hardware	hp	ink_tank_wireless_410_4dx94a	-	No
Operating System	hp	ink_tank_wireless_410_4dx95a_firmware	< 1924	Yes
Hardware	hp	ink_tank_wireless_410_4dx95a	-	No
Operating System	hp	ink_tank_wireless_410_4yf79a_firmware	< 1924	Yes
Hardware	hp	ink_tank_wireless_410_4yf79a	-	No
Operating System	hp	ink_tank_wireless_410_z7a01a_firmware	< 1924	Yes
Hardware	hp	ink_tank_wireless_410_z7a01a	-	No
Operating System	hp	officejet_5200_m2u75a_firmware	< 003.1925a	Yes
Hardware	hp	officejet_5200_m2u75a	-	No
Operating System	hp	officejet_5200_m2u81a_firmware	< 003.1925a	Yes
Hardware	hp	officejet_5200_m2u81a	-	No
Operating System	hp	officejet_5200_m2u84b_firmware	< 003.1925a	Yes
Hardware	hp	officejet_5200_m2u84b	-	No
Operating System	hp	officejet_5200_z4b12a_firmware	< 003.1925a	Yes
Hardware	hp	officejet_5200_z4b12a	-	No
Operating System	hp	officejet_5200_z4b14a_firmware	< 003.1925a	Yes
Hardware	hp	officejet_5200_z4b14a	-	No
Operating System	hp	officejet_5200_z4b27a_firmware	< 003.1925a	Yes
Hardware	hp	officejet_5200_z4b27a	-	No
Operating System	hp	officejet_5200_z4b29a_firmware	< 003.1925a	Yes
Hardware	hp	officejet_5200_z4b29a	-	No
Operating System	hp	smart_tank_wireless_450_z4b56a_firmware	< 1924	Yes
Hardware	hp	smart_tank_wireless_450_z4b56a	-	No
Operating System	hp	smart_tank_wireless_450_z6z96a_firmware	< 1924	Yes
Hardware	hp	smart_tank_wireless_450_z6z96a	-	No
Operating System	hp	smart_tank_wireless_450_z6z98a_firmware	< 1924	Yes
Hardware	hp	smart_tank_wireless_450_z6z98a	-	No

References

https://support.hp.com/in-en/document/c06428029 Vendor Advisory ([email protected])
https://support.hp.com/in-en/document/c06428029 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For hp's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.