CVE-2018-5921

Name: CVE-2018-5921
Creator: NVD / NIST
Published: 2018-10-03T20:29:18.52+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.74%

Last modified Jun 17, 2026

CVE-2018-5921 is a vulnerability of currently unknown severity. A potential security vulnerability has been identified with certain HP printers and MFPs in 2405129_000052 and other firmware versions. This vulnerability is known as Cross Site Request Forgery, and could potentially be exploited remotely to allow elevation of privilege.. EPSS estimates a 0.74% chance of exploitation in the next 30 days.

Description

A potential security vulnerability has been identified with certain HP printers and MFPs in 2405129_000052 and other firmware versions. This vulnerability is known as Cross Site Request Forgery, and could potentially be exploited remotely to allow elevation of privilege.

Metrics

EPSS Probability

0.74%

49.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-352

Affected Software

Vendor	Product	Versions
Hp	F2a70a Firmware	< 2405129_000052
Hp	F2a71a Firmware	< 2405129_000052
Hp	F2a67a Firmware	< 2405129_000052
Hp	B5l26a Firmware	< 2405129_000056
Hp	B5l39a Firmware	< 2405129_000056
Hp	C2s11a Firmware	< 2405129_000055
Hp	C2s11v Firmware	< 2405129_000055
Hp	C2s12a Firmware	< 2405129_000055
Hp	C2s12v Firmware	< 2405129_000055
Hp	L1h45a Firmware	< 2405129_000055
Hp	G1w46a Firmware	< 2405129_000051
Hp	G1w46v Firmware	< 2405129_000051
Hp	G1w47a Firmware	< 2405129_000051
Hp	G1w47v Firmware	< 2405129_000051
Hp	L3u44a Firmware	< 2405129_000051
Hp	L3u44a Firmware	< 2405135_000394
Hp	E6b71a Firmware	< 2405129_000046
Hp	E6b73a Firmware	< 2405129_000046
Hp	K0q14a Firmware	< 2405130_000069
Hp	K0q15a Firmware	< 2405130_000069
Hp	K0q17a Firmware	< 2405130_000069
Hp	K0q18a Firmware	< 2405130_000069
Hp	M0p32a Firmware	< 2405130_000069
Hp	K0q19a Firmware	< 2405130_000069
Hp	K0q20a Firmware	< 2405130_000069
Hp	K0q21a Firmware	< 2405130_000069
Hp	K0q22a Firmware	< 2405130_000069
Hp	M0p33a Firmware	< 2405130_000069
Hp	M0p35a Firmware	< 2405130_000069
Hp	M0p36a Firmware	< 2405130_000069
Hp	M0p39a Firmware	< 2405130_000069
Hp	M0p40a Firmware	< 2405130_000069
Hp	H0dc9a Firmware	< 2405129_000047
Hp	L8z07a Firmware	< 2405129_000047
Hp	J7z98a Firmware	< 2405130_000068
Hp	J7z99a Firmware	< 2405130_000068
Hp	J8a04a Firmware	< 2405130_000068
Hp	J8a05a Firmware	< 2405130_000068
Hp	J8a06a Firmware	< 2405130_000068
Hp	L3u55a Firmware	< 2405130_000068
Hp	L3u56a Firmware	< 2405130_000068
Hp	L3u57a Firmware	< 2405130_000068
Hp	J7z04a Firmware	< 2405087_018564
Hp	J7z06a Firmware	< 2405087_018564
Hp	Cz244a Firmware	< 2405129_000059
Hp	A2w77a Firmware	< 2405129_000057
Hp	Cz245a Firmware	< 2405129_000059
Hp	A2w78a Firmware	< 2405129_000057
Hp	A2w79a Firmware	< 2405129_000057
Hp	D7p73a Firmware	< 2405129_000057

Showing 50 of 197 affected configurations. See NVD for the full list.

References

https://support.hp.com/us-en/document/c05949322Vendor Advisory
https://support.hp.com/us-en/document/c05949322Vendor Advisory

Timeline

Published: Oct 3, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2018-5921?

How severe is CVE-2018-5921?

Severity scoring for CVE-2018-5921 is pending analysis. The EPSS model estimates a 0.74% probability of exploitation in the next 30 days.

How do I fix CVE-2018-5921?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-5921?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST