CVE-2012-5221
CVE-2012-5221 is a medium-severity vulnerability in Hp Color Laserjet 3000 with a CVSS 2.0 base score of 5.0. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 2.0 base score 5.0)
- EPSS exploit prediction: 4% (89th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Hp Color Laserjet 3000
- Published:
- Last modified:
Description
Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.
Frequently asked questions
- What is CVE-2012-5221?
- Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.
- How severe is CVE-2012-5221?
- CVE-2012-5221 has a CVSS 2.0 base score of 5.0, rated medium severity.
- Is CVE-2012-5221 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 4% (89th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2012-5221?
- CVE-2012-5221 primarily affects Hp Color Laserjet 3000. In total, 38 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2012-5221?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2012-5221 published?
- CVE-2012-5221 was published on 2013-04-29 and last updated on 2026-06-16.
References
- http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023
- https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742
Affected products (38)
- cpe:2.3:h:hp:color_laserjet_3000:q7534a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet_3800:q5981a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet_4700:q7492a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet_4730_mfp:cb480a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet_5550:q3714a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet_9500_mfp:c8549a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet_cm6030_mfp:ce664a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet_cm6040_mfp:q3939a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet_cp3505:cb442a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet_cp3525:cc469a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet_cp4005:cb503a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet_cp6015:q3932a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet_enterprise_cp4025:cc490a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet_enterprise_cp4525:cc493a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:digital_sender_9250c:cb472a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_4240:q7785a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_4250:q5400a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_4345_mfp:q3942a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_4350:q5407a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_5200l:q7543a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_5200n:q7543a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_9040:q7697a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_9040_mfp:q3721a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_9050:q7697a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_9050_mfp:q3721a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_enterprise_p3015:ce526a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_m3027_mfp:cb416a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_m3035_mfp:cb414a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_m3035_mfp:cc519a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_m4345_mfp:cb425a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_m5025_mfp:q7840a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_m5035_mfp:q7829a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_m9040_mpf:cc394a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_m9050_mpf:cc395a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_p3005:q7812a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_p4014:cb507a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_p4015:cb509a:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_p4515:cb514a:*:*:*:*:*:*:*
More vulnerabilities in Hp Color Laserjet 3000
- CVE-2011-4161 — Critical (CVSS 10.0): The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx,…