CVE-2025-3508

Certain HP DesignJet products may be vulnerable to information disclosure though printer's web interface allowing unauthenticated users to view sensitive print job information.

CVSS

No CVSS.

References

Link	Resource
https://support.hp.com/us-en/document/ish_12798086-12798125-16/hpsbpi04039

Configurations

No configuration.

History

No history.

Information

Published : 2025-07-25 16:15

Updated : 2025-07-29 14:14

NVD link : CVE-2025-3508

Mitre link : CVE-2025-3508

CVE.ORG link : CVE-2025-3508

JSON object : View

Products Affected

No product.

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2025-3508", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "hp-security-alert@hp.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.0, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-07-25T16:15:33.407", "references": [{"url": "https://support.hp.com/us-en/document/ish_12798086-12798125-16/hpsbpi04039", "source": "hp-security-alert@hp.com"}], "vulnStatus": "Undergoing Analysis", "weaknesses": [{"type": "Secondary", "source": "hp-security-alert@hp.com", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Certain HP DesignJet products may be vulnerable to information disclosure though printer's web interface allowing unauthenticated users to view sensitive print job information."}, {"lang": "es", "value": "Algunos productos HP DesignJet pueden ser vulnerables a la divulgaci\u00f3n de informaci\u00f3n a trav\u00e9s de la interfaz web de la impresora, lo que permite que usuarios no autenticados vean informaci\u00f3n confidencial del trabajo de impresi\u00f3n."}], "lastModified": "2025-07-29T14:14:55.157", "sourceIdentifier": "hp-security-alert@hp.com"}

CVE-2025-3508

JSON object

Attach tags to CVE-2025-3508

Attach tags to `CVE-2025-3508`