Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer.

Metrics

No CVSS v4.0

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Vendors Products
Hp
  • Designjet Z6
  • Designjet Z6 Firmware
  • Designjet Z6dr
  • Designjet Z6dr Firmware
  • Designjet Z9
  • Designjet Z9\+ Pro
  • Designjet Z9\+ Pro Firmware
  • Designjet Z9 Firmware
  • Designjet Z9dr
  • Designjet Z9dr Firmware
  • Pagewide Xl 4100
  • Pagewide Xl 4500
  • Pagewide Xl 4600
  • Pagewide Xl 4700
  • Pagewide Xl 8000

Configuration 1 [-]

AND
cpe:2.3:o:hp:designjet_z6_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:designjet_z6:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:hp:designjet_z6dr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:designjet_z6dr:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:hp:designjet_z9_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:designjet_z9:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:hp:designjet_z9dr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:designjet_z9dr:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:hp:designjet_z9\+_pro_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:designjet_z9\+_pro:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:hp:pagewide_xl_4700:_firmware:-:*:*:*:*:*:*
cpe:2.3:h:hp:pagewide_xl_4700:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:hp:pagewide_xl_4500:_firmware:-:*:*:*:*:*:*
cpe:2.3:h:hp:pagewide_xl_4500:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:hp:pagewide_xl_4100:_firmware:-:*:*:*:*:*:*
cpe:2.3:h:hp:pagewide_xl_4100:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:hp:pagewide_xl_4600:_firmware:-:*:*:*:*:*:*
cpe:2.3:h:hp:pagewide_xl_4600:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:hp:pagewide_xl_8000:_firmware:-:*:*:*:*:*:*
cpe:2.3:h:hp:pagewide_xl_8000:-:*:*:*:*:*:*:*

No data.

References
Link Providers
https://support.hp.com/us-en/document/ish_7869666-7869691-16/hpsbpi03837 cve-icon cve-icon
History

Thu, 30 Jan 2025 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: hp

Published:

Updated: 2025-01-30T19:29:46.760Z

Reserved: 2023-03-20T20:39:28.035Z

Link: CVE-2023-1526

cve-icon Vulnrichment

Updated: 2024-08-02T05:49:11.657Z

cve-icon NVD

Status : Modified

Published: 2023-04-28T17:15:42.973

Modified: 2025-01-30T20:15:30.230

Link: CVE-2023-1526

cve-icon Redhat

No data.