Strix
26.1K

CVE-2025-3508

MEDIUMCVSS 6/10EPSS 0.92%

Last modified

CVE-2025-3508 is a medium-severity vulnerability rated 6/10 on the CVSS scale. Certain HP DesignJet products may be vulnerable to information disclosure though printer's web interface allowing unauthenticated users to view sensitive print job information.. EPSS estimates a 0.92% chance of exploitation in the next 30 days.

Description

Certain HP DesignJet products may be vulnerable to information disclosure though printer's web interface allowing unauthenticated users to view sensitive print job information.

Metrics

CVSS 3.1
6.5/10

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS 4.0
6/10

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

EPSS Probability
0.92%

55.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
HpW3z72e Firmware< jgr9_09_25_22.1
HpW3z72f Firmware< jgr9_09_25_22.1
HpW3z72g Firmware< jgr9_09_25_22.1
HpW3z72h Firmware< jgr9_09_25_22.1
HpW6b55a Firmware< jgrw_09_25_22.1
HpW6b55b Firmware< jgrw_09_25_22.1
HpW6b55c Firmware< jgrw_09_25_22.1
HpW6b55d Firmware< jgrw_09_25_22.1
HpW6b55e Firmware< jgrw_09_25_22.1
HpW6b55f Firmware< jgrw_09_25_22.1
HpW6b55g Firmware< jgrw_09_25_22.1
HpW6b55h Firmware< jgrw_09_25_22.1
HpW6b56a Firmware< jgrw_09_25_22.1
HpW6b56b Firmware< jgrw_09_25_22.1
HpW6b56c Firmware< jgrw_09_25_22.1
HpW6b56d Firmware< jgrw_09_25_22.1
HpW6b56e Firmware< jgrw_09_25_22.1
HpW6b56f Firmware< jgrw_09_25_22.1
HpW6b56g Firmware< jgrw_09_25_22.1
HpW6b56h Firmware< jgrw_09_25_22.1
HpX9d24a Firmware< jgr9_09_25_22.1
HpX9d24b Firmware< jgr9_09_25_22.1
HpX9d24c Firmware< jgr9_09_25_22.1
HpX9d24d Firmware< jgr9_09_25_22.1
HpX9d24e Firmware< jgr9_09_25_22.1
HpX9d24f Firmware< jgr9_09_25_22.1
HpX9d24g Firmware< jgr9_09_25_22.1
HpX9d24h Firmware< jgr9_09_25_22.1
Hp1vd83a Firmware< jgrp_09_25_22.1
Hp1vd84a Firmware< jgrp_09_25_22.1
Hp1vd85a Firmware< jgrp_09_25_22.1
Hp1vd86a Firmware< jgrp_09_25_22.1
Hp1vd87a Firmware< jgrw_09_25_22.1
Hp1vd87f Firmware< jgrw_09_25_22.1
Hp1vd88a Firmware< jgrw_09_25_22.1
Hp1vd88b Firmware< jgrw_09_25_22.1
Hp1vd88f Firmware< jgrw_09_25_22.1
HpT8w15a Firmware< jgr6_09_25_22.1
HpT8w15b Firmware< jgr6_09_25_22.1
HpT8w15c Firmware< jgr6_09_25_22.1
HpT8w15d Firmware< jgr6_09_25_22.1
HpT8w15e Firmware< jgr6_09_25_22.1
HpT8w15f Firmware< jgr6_09_25_22.1
HpT8w15g Firmware< jgr6_09_25_22.1
HpT8w15h Firmware< jgr6_09_25_22.1
HpT8w16a Firmware< jgr6_09_25_22.1
HpT8w16b Firmware< jgr6_09_25_22.1
HpT8w16c Firmware< jgr6_09_25_22.1
HpT8w16d Firmware< jgr6_09_25_22.1
HpT8w16e Firmware< jgr6_09_25_22.1

Showing 50 of 73 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Analyzed

Frequently Asked Questions

What is CVE-2025-3508?
Certain HP DesignJet products may be vulnerable to information disclosure though printer's web interface allowing unauthenticated users to view sensitive print job information.
How severe is CVE-2025-3508?
CVE-2025-3508 has a CVSS score of 6/10 (MEDIUM severity). The EPSS model estimates a 0.92% probability of exploitation in the next 30 days.
How do I fix CVE-2025-3508?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-3508?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST