Strix
26.1K

CVE-2017-2747

UnknownEPSS 1.86%

Last modified

CVE-2017-2747 is a vulnerability of currently unknown severity. HP has identified a potential security vulnerability before IG_11_00_00.10 for DesignJet T790, T795, T1300, T2300, before MRY_04_05_00.5 for DesignJet T920, T930, T1500, T1530, T2500, T2530, before AENEAS_03_04_00.9 for DesignJet T3500, before NEXUS_01_12_00.11 for Latex 310, 330, 360, 370, before NEXUS_03_12_00.15 for Latex 315, 335, 365, 375, before STORM_00_05_01.6 for Latex 560, 570 and Latex 110 that may expose the credentials of the SMTP server configured to receive and process emails generated by the printers.. EPSS estimates a 1.86% chance of exploitation in the next 30 days.

Description

HP has identified a potential security vulnerability before IG_11_00_00.10 for DesignJet T790, T795, T1300, T2300, before MRY_04_05_00.5 for DesignJet T920, T930, T1500, T1530, T2500, T2530, before AENEAS_03_04_00.9 for DesignJet T3500, before NEXUS_01_12_00.11 for Latex 310, 330, 360, 370, before NEXUS_03_12_00.15 for Latex 315, 335, 365, 375, before STORM_00_05_01.6 for Latex 560, 570 and Latex 110 that may expose the credentials of the SMTP server configured to receive and process emails generated by the printers.

Metrics

EPSS Probability
1.86%

76.5th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
HpT790 Firmware<= ig_11_00_00.09
HpT795 Firmware<= ig_11_00_00.09
HpT1300 Firmware<= ig_11_00_00.09
HpT2300 Firmware<= ig_11_00_00.09
HpT920 Firmware<= mry_04_05_00.4
HpT930 Firmware<= mry_04_05_00.4
HpT1500 Firmware<= mry_04_05_00.4
HpT1530 Firmware<= mry_04_05_00.4
HpT2500 Firmware<= mry_04_05_00.4
HpT2530 Firmware<= mry_04_05_00.4
HpT3500 Firmware<= aeneas_03_04_00.8
Hp110 Firmware<= nexus_00_04_53.8
Hp310 Firmware<= nexus_01_12_00.10
Hp330 Firmware<= nexus_01_12_00.10
Hp360 Firmware<= nexus_01_12_00.10
Hp370 Firmware<= nexus_01_12_00.10
Hp315 Firmware<= nexus_03_12_00.14
Hp335 Firmware<= nexus_03_12_00.14
Hp365 Firmware<= nexus_03_12_00.14
Hp375 Firmware<= nexus_03_12_00.14
Hp560 Firmware<= storm_00_05_01.5
Hp570 Firmware<= storm_00_05_01.5

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2017-2747?
HP has identified a potential security vulnerability before IG_11_00_00.10 for DesignJet T790, T795, T1300, T2300, before MRY_04_05_00.5 for DesignJet T920, T930, T1500, T1530, T2500, T2530, before AENEAS_03_04_00.9 for DesignJet T3500, before NEXUS_01_12_00.11 for Latex 310, 330, 360, 370, before NEXUS_03_12_00.15 for Latex 315, 335, 365, 375, before STORM_00_05_01.6 for Latex 560, 570 and Latex 110 that may expose the credentials of the SMTP server configured to receive and process emails generated by the printers.
How severe is CVE-2017-2747?
Severity scoring for CVE-2017-2747 is pending analysis. The EPSS model estimates a 1.86% probability of exploitation in the next 30 days.
How do I fix CVE-2017-2747?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-2747?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST