Vulnerabilities > CVE-2013-4828 - Cryptographic Issues vulnerability in HP products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

CWE-310

NVD

Published: 2013-10-04

Updated: 2024-11-21

Summary

HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices do not properly encrypt PDF documents, which allows remote attackers to obtain sensitive information via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Hardware	Hp HP Laserjet Enterprise Color Flow M575C - HP Laserjet M525F - HP Laserjet M4555 - HP Color Laserjet Cm4540Fskm - HP Laserjet M725F - HP Color Laserjet M775Dn - HP Laserjet M4555H - HP Color Laserjet Cm4540F - HP Laserjet M525Dn - HP Laserjet Flow M525C - HP Laserjet M725Dn - HP Scanjet Enterprise 8500Fn1 - HP Laserjet M725Z+ - HP Laserjet M4555F - HP Color Laserjet Cm4540 - HP Laserjet M4555Fskm - HP Color Laserjet M775Z+ - HP Laserjet M725Z - HP Color Laserjet M775Z - HP Color Laserjet M575F - HP Color Laserjet M575Dn - HP Color Laserjet M775F -	22

Common Weakness Enumeration (CWE)

CWE-310 - Cryptographic Issues

Common Attack Pattern Enumeration and Classification (CAPEC)

Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

References