Hi @louisy86,

Welcome to the HP Support Community

I understand you are facing an issue with your HP Product. Not to worry I will help you to get a resolution to resolve the issue.

To assist better:

• May I have the exact name of the model of the product? Refer to this document for steps to find the product details. Do not share your personal information such as serial, phone number, email ID, etc.

Could you please elaborate in detail? 

I hope this helps! Keep me posted. 

Please click “Accepted Solution” if you feel my post solved your issue, it will help others find the solution.

HI Gaya, 

There are ton of  vulnerability finding at HP LaserJet printer from Qualys Scan. 

The QID 38596 - TLS Protocol Session Renegotiation Security Vulnerability and the affected CVE-2009-3555. 

The scan result - Number of SSL renegotiations:1#

Action being taken on one of the affected Printer HP Laserjet M506. 

1. Updated to the latest firmware 

2. Disable TLS 1.0 ,1.2

2. Use TLS 1.2 only. 

However the printer is still flag on this finding after the qualys scanned. 

Much appreciate if your kind assistance and advice. 

According to documentation printed in 2019, HP addressed this issue with firmware starting after Revision 4.7.2 of firmware.

The IETF developed a new negotiation method (RFC5746, in February 2010) to address the vulnerability and fail a handshake with any devices that were unable to use the new method. HP implemented the new method and created an Object Identifier (OID) in SNMP to enable/disable the enforcement of the new method. The default setting was to allow negotiation with printers which presented or responded with the Legacy method. However, this default setting changed in FutureSmart bundle firmware version 4.7.2. HP Enterprise printers will no longer allow negotiation with systems that use the Legacy method.

Do you have SNMP 3 configured or an older version?

If you find the information provided useful or solves your problems, help other users find the solution easier by marking my post as an accepted solution. Clicking "yes" on "was this reply helpful" also increases the chances that this solution will help others.
I am a volunteer, offering my knowledge to support fellow users, I do not work for HP nor speak for HP.

Hi , 

This finding is affected on the Printer with Port 443. 

Thus, i don't think this is related to SNMP. By the way, the printer has been configured SNMPv3 indeed. 

Thank for your input. 

You might want to contact HP regarding their JetAdvantage Security Manager software. It will examine your fleet, flag configuration and security issues and will even apply policies to printers. It can be configured to push security settings to new printers as soon as they are attached to the network or re-apply settings in cases of corruption.

https://support.hp.com/us-en/product/details/hp-jetadvantage-security-manager-software-licenses/8394...

If you find the information provided useful or solves your problems, help other users find the solution easier by marking my post as an accepted solution. Clicking "yes" on "was this reply helpful" also increases the chances that this solution will help others.
I am a volunteer, offering my knowledge to support fellow users, I do not work for HP nor speak for HP.