CVE-2025-3508

Certain HP DesignJet products may be vulnerable to information disclosure though printer's web interface allowing unauthenticated users to view sensitive print job information.

CVSS

No CVSS.

References

Link	Resource
https://support.hp.com/us-en/document/ish_12798086-12798125-16/hpsbpi04039

Configurations

No configuration.

History

29 Jul 2025, 14:14

Type	Values Removed	Values Added
Summary		(es) Algunos productos HP DesignJet pueden ser vulnerables a la divulgación de información a través de la interfaz web de la impresora, lo que permite que usuarios no autenticados vean información confidencial del trabajo de impresión.

25 Jul 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-25 16:15

Updated : 2025-07-29 14:14

NVD link : CVE-2025-3508

Mitre link : CVE-2025-3508

CVE.ORG link : CVE-2025-3508

JSON object : View

Products Affected

No product.

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2025-3508", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "hp-security-alert@hp.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.0, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-07-25T16:15:33.407", "references": [{"url": "https://support.hp.com/us-en/document/ish_12798086-12798125-16/hpsbpi04039", "source": "hp-security-alert@hp.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "hp-security-alert@hp.com", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Certain HP DesignJet products may be vulnerable to information disclosure though printer's web interface allowing unauthenticated users to view sensitive print job information."}, {"lang": "es", "value": "Algunos productos HP DesignJet pueden ser vulnerables a la divulgaci\u00f3n de informaci\u00f3n a trav\u00e9s de la interfaz web de la impresora, lo que permite que usuarios no autenticados vean informaci\u00f3n confidencial del trabajo de impresi\u00f3n."}], "lastModified": "2025-07-29T14:14:55.157", "sourceIdentifier": "hp-security-alert@hp.com"}