Digital Defense Discovers Previously Unknown Vulnerability Within HP JetDirect Embedded Web Server

Share Article

Digital Defense (DDI) discloses a vulnerability within the embedded web server on the HP JetDirect Printer which could allow for a security threat. DDI's proprietary scanning technology, NIRV, provides the capacity to rapidly detect potential zero-day security issues.

Digital Defense, Inc. (DDI), a leading provider of managed cloud-based security assessments, announced the organization’s identification of a vulnerability within the embedded web server on the HP JetDirect Printer. This flaw could allow an attacker to see files that have been recently printed, capture credentials from the system, or conduct other malicious acts. DDI immediately notified HP of the finding.

This is DDI’s third vulnerability disclosure in recent months, including those within widely used applications including the IBM® WebSphere® Application Server and the KnowledgeTree™ Online Document Management System.

“Our proprietary scanning technology, NIRV, (Network Interrogator Reconnaissance Vehicle), coupled with Digital Defense’s cloud-based vulnerability management platform, offers our researchers powerful intelligence, resulting in our ability to detect potential zero-day security issues”, stated Larry Hurtado, president and CEO.

Tom DeSot, Chief Information Officer added, “The security of our clients is the first priority when a vulnerability is recognized. We employ a process that includes rapid communication of the new vulnerability to our clients and ultimately the global Internet community. This process ensures companies everywhere are aware of the issue and can take the appropriate measures to protect their networks and sensitive information.”

DDI is currently collaborating with HP on the matter and will post more information regarding the issue to the DDI Labs Blog as it becomes available.

About Digital Defense
Digital Defense, Inc. (DDI) is a leading provider of security governance, risk management, and compliance (GRC) solutions. Our unique combination of managed, cloud-based services, gives our clients maximum flexibility in the implementation of their security programs. We provide the insight necessary for organizations to protect their critical customer and business information while allowing them to focus on their business, rather than dedicate resources to network security. DDI clients enjoy greater visibility and management insight of their enterprise-wide GRC programs using DDI’s proprietary Software as a Service (SaaS) delivery platforms and assessment tools. For more information about Digital Defense, please visit our web site at http://www.ddifrontline.com or contact us at 888.273.1412.

Reader Contact Information
Digital Defense, Inc., 9000 Tesoro Drive, Suite 100, San Antonio, Texas, 78217
Phone - 210.822.2645, Fax - 210.822.9216

Digital Defense and the Shield Logo are Registered Service Marks of Digital Defense, Inc. All other trademarks are the property of their respective owners.

###

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Meg Grant
Visit website