CVE-2024-5143 Information

Description

A user with device administrative privileges can change existing SMTP server settings on the device without having to re-enter SMTP server credentials. By redirecting send-to-email traffic to the new server the original SMTP server credentials may potentially be exposed.

Reference

https://support.hp.com/us-en/document/ish_10643804-10643841-16/HPSBPI03941