CVE-2024-5749

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-5749
Certain HP DesignJet products may be vulnerable to credential reflection which allow viewing SMTP server credentials.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://support.hp.com/us-en/document/ish_11428772-11428805-16/hpsbpi03979 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:hp:f9a29a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:f9a29a:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:hp:f9a29b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:f9a29b:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:hp:f9a29c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:f9a29c:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:hp:f9a29d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:f9a29d:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:hp:f9a29e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:f9a29e:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:hp:f9a29g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:f9a29g:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:hp:t5d66a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:t5d66a:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:hp:f9a30a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:f9a30a:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:hp:f9a30b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:f9a30b:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:hp:f9a30c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:f9a30c:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:hp:f9a30d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:f9a30d:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:hp:f9a30e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:f9a30e:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:hp:f9a30g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:f9a30g:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:hp:1jl02b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:1jl02b:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:hp:t5d67a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:t5d67a:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2024-10-15 18:15

Updated : 2026-02-24 14:39

NVD link : CVE-2024-5749

Mitre link : CVE-2024-5749

CVE.ORG link : CVE-2024-5749

JSON object : View

Products Affected

hp

  • f9a29c_firmware
  • f9a30a_firmware
  • f9a30b
  • f9a30g
  • f9a29d_firmware
  • f9a30e
  • f9a29g
  • t5d67a
  • f9a29a_firmware
  • f9a29d
  • f9a30g_firmware
  • f9a29a
  • f9a30c
  • f9a29c
  • t5d66a
  • f9a30c_firmware
  • t5d66a_firmware
  • 1jl02b
  • f9a30d_firmware
  • t5d67a_firmware
  • f9a30b_firmware
  • 1jl02b_firmware
  • f9a29b
  • f9a29g_firmware
  • f9a29b_firmware
  • f9a30d
  • f9a29e
  • f9a30e_firmware
  • f9a29e_firmware
  • f9a30a
CWE
CWE-306

Missing Authentication for Critical Function