CVE-2024-5749

nvd nist

Published: Oct 15, 2024Modified: Feb 24, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: hp-security-alert@hp.com (Secondary)

Description

Certain HP DesignJet products may be vulnerable to credential reflection which allow viewing SMTP server credentials.

Affected (15)

Products: Hp: F9a29a Firmware, F9a29b Firmware, F9a29c Firmware, F9a29d Firmware, F9a29e Firmware, F9a29g Firmware, T5d66a Firmware, F9a30a Firmware, F9a30b Firmware, F9a30c Firmware, F9a30d Firmware, F9a30e Firmware, F9a30g Firmware, 1jl02b Firmware, T5d67a Firmware

15 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp F9a29a Firmware	Before 001.2419b

Running on/with	Platform Versions
Hp F9a29a	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp F9a29b Firmware	Before 001.2419b

Running on/with	Platform Versions
Hp F9a29b	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp F9a29c Firmware	Before 001.2419b

Running on/with	Platform Versions
Hp F9a29c	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp F9a29d Firmware	Before 001.2419b

Running on/with	Platform Versions
Hp F9a29d	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp F9a29e Firmware	Before 001.2419b

Running on/with	Platform Versions
Hp F9a29e	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp F9a29g Firmware	Before 001.2419b

Running on/with	Platform Versions
Hp F9a29g	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp T5d66a Firmware	Before 001.2419b

Running on/with	Platform Versions
Hp T5d66a	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp F9a30a Firmware	Before 001.2419b

Running on/with	Platform Versions
Hp F9a30a	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp F9a30b Firmware	Before 001.2419b

Running on/with	Platform Versions
Hp F9a30b	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp F9a30c Firmware	Before 001.2419b

Running on/with	Platform Versions
Hp F9a30c	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp F9a30d Firmware	Before 001.2419b

Running on/with	Platform Versions
Hp F9a30d	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp F9a30e Firmware	Before 001.2419b

Running on/with	Platform Versions
Hp F9a30e	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp F9a30g Firmware	Before 001.2419b

Running on/with	Platform Versions
Hp F9a30g	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp 1jl02b Firmware	Before 001.2419b

Running on/with	Platform Versions
Hp 1jl02b	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp T5d67a Firmware	Before 001.2419b

Running on/with	Platform Versions
Hp T5d67a	All versions

Related CWEs

CWE-306

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (1)

https://support.hp.com/us-en/document/ish_11428772-11428805-16/hpsbpi03979

Source: hp-security-alert@hp.com

Vendor Advisory

Timeline

No history available yet.