Test ID:	1.3.6.1.4.1.25623.1.0.103757
Category:	Web application abuses
Title:	Multiple HP LaserJet Pro Printers Information Disclosure Vulnerability (Aug 2013)
Summary:	Multiple HP LaserJet Pro Printers are prone to an information; disclosure vulnerability.
Description:	Summary: Multiple HP LaserJet Pro Printers are prone to an information disclosure vulnerability. Vulnerability Insight: The hidden URL '/dev/save_restore.xml' contains a hex representation of the admin password in plaintext and no authentication is needed to access this site. Vulnerability Impact: The vulnerability could be exploited remotely to gain unauthorized access to data. Affected Software/OS: HP LaserJet Pro P1102w HP LaserJet Pro P1606dn HP LaserJet Pro M1212nf MFP HP LaserJet Pro M1213nf MFP HP LaserJet Pro M1214nfh MFP HP LaserJet Pro M1216nfh MFP HP LaserJet Pro M1217nfw MFP HP LaserJet Pro M1218nfs MFP HP LaserJet Pro CP1025nw Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4807 BugTraq ID: 61565 http://www.securityfocus.com/bid/61565 HPdes Security Advisory: HPSBPI02887 http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03825817 HPdes Security Advisory: SSRT101181 http://osvdb.org/95907 http://www.securitytracker.com/id/1028869 XForce ISS Database: hp-laserjet-cve20134807-unauth-access(86178) https://exchange.xforce.ibmcloud.com/vulnerabilities/86178
Copyright	Copyright (C) 2013 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.