CVE & CISA-KEV Catalog

CVE-2019-6327

CRITICALEPSS 82th pctl
9.8
CVSS v3
NVD

Description

HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an IPP Parser potentially vulnerable to Buffer Overflow.

How to fix

Remediation Available
laserjet pro m280-m281 t6b80a firmwareNVD
Affected:< 20190419Fixed in:20190419CVE-2019-6327derived from NVD
laserjet pro m280-m281 t6b81a firmwareNVD
Affected:< 20190419Fixed in:20190419CVE-2019-6327derived from NVD
laserjet pro m280-m281 t6b82a firmwareNVD
Affected:< 20190419Fixed in:20190419CVE-2019-6327derived from NVD
laserjet pro m280-m281 t6b83a firmwareNVD
Affected:< 20190419Fixed in:20190419CVE-2019-6327derived from NVD
laserjet pro mfp m28-m31 w2g54a firmwareNVD
Affected:< 20190426Fixed in:20190426CVE-2019-6327derived from NVD
laserjet pro mfp m28-m31 w2g55a firmwareNVD
Affected:< 20190426Fixed in:20190426CVE-2019-6327derived from NVD
laserjet pro mfp m28-m31 y5s50a firmwareNVD
Affected:< 20190426Fixed in:20190426CVE-2019-6327derived from NVD
laserjet pro mfp m28-m31 y5s53a firmwareNVD
Affected:< 20190426Fixed in:20190426CVE-2019-6327derived from NVD
laserjet pro mfp m28-m31 y5s54a firmwareNVD
Affected:< 20190426Fixed in:20190426CVE-2019-6327derived from NVD
laserjet pro mfp m28-m31 y5s55a firmwareNVD
Affected:< 20190426Fixed in:20190426CVE-2019-6327derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

2.37%probability of exploitation in 30 days
82ndpercentile

Elevated risk: more likely to be exploited than 82% of all known CVEs.

References

Vendor Advisory1

Related Vulnerabilities

Other CWE-120 (Classic Buffer Overflow) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2014-0195Medium6.8100%-Fix
CVE-2017-7269Critical9.8100%KEV-
CVE-2019-11043High8.799%KEV + RansomFix
CVE-2011-4862High10.095%-Fix
CVE-2007-5659High7.894%KEVFix
CVE-2022-3786High7.591%-Fix
Embed a live status badge for CVE-2019-6327
CVE-2019-6327 severity badge

Markdown

[![CVE-2019-6327](https://tridentstack.com/cve/badge/CVE-2019-6327.svg)](https://tridentstack.com/cve/CVE-2019-6327)

HTML

<a href="https://tridentstack.com/cve/CVE-2019-6327"><img src="https://tridentstack.com/cve/badge/CVE-2019-6327.svg" alt="CVE-2019-6327"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.