search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Hewlett Packard JetDirect-enabled printers disclose Telnet/HTTP passwords in hex format via "SNMP READ" request

Vulnerability Note VU#377003

Original Release Date: 2002-09-16 | Last Revised: 2004-02-23


Hewlett Packard (HP) printers store sensitive administrative account information in a variable that is served to any user that makes a certain SNMP request.


HP JetDirect-enabled printers are configurable via HTTP and Telnet and accept SNMP requests. These printers store the administrative account password in an SNMP variable that can be read by any remote user that knows the address of the printer and the location of the variable. The location of the variable is unchanging.


Attackers can obtain sensitive information and gain unauthorized access to the printer.


Apply a patch

Update to firmware version X.22.09 or later.

Vendor Information


Hewlett-Packard Company Affected

Notified:  July 15, 2002 Updated: August 06, 2002



Vendor Statement

Update to firmware version X.22.09 or later.

For more information please refer to:

HP Jetdirect Print Servers - Making HP Jetdirect Print Servers Secure on the Network

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.


The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

CVSS Metrics

Group Score Vector



Thanks to Phenoelit for reporting this vulnerability.

This document was written by Shawn Van Ittersum.

Other Information

CVE IDs: CVE-2002-1048
Severity Metric: 1.71
Date Public: 2002-07-27
Date First Published: 2002-09-16
Date Last Updated: 2004-02-23 22:24 UTC
Document Revision: 6

Sponsored by CISA.