Susceptibility to dictionary attacks, unauthorized remote access to resources, and elevation of privilege.
Source: HP, HP Product Security Response Team (PSRT)
Reported By: Nick Bloor
CVE ID
|
Potential Vulnerability
|
Impacted Version
|
CVE-2020-6925
|
Weak Cipher
|
All versions of HP Device Manager
|
CVE-2020-6926
|
Remote Method Invocation
|
All versions of HP Device Manager
|
CVE-2020-6927
|
Elevation of Privilege
|
HP Device Manager 5.0.0
HP Device Manager 5.0.1
HP Device Manager 5.0.2
HP Device Manager 5.0.3
|
Reference
|
Base Vector
|
Base Score
|
CVE-2020-6925
|
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
7.0
|
CVE-2020-6926
|
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
9.9
|
CVE-2020-6927
|
AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
|
8.0
|
Product
|
Updated
|
HP Device Manager 5.0
| |
HP Device Manager 4.7
|
PI
|
HP Printing and Imaging
|
HF
|
HP Hardware and Firmware
|
GN
|
HP General Software
|