7.5

CVE-2013-4613

EPSS 0.52%
Published 21.06.2013 21:55:01
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

The default configuration of the administrative interface on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers does not require authentication, which allows remote attackers to modify the configuration by visiting the Advanced page. NOTE: the vendor has apparently responded by stating "for user convenience, the default setting does not require a password. However, if a user has a particular concern about third parties accessing the user's home printer, the default setting can be changed to add a password."

Affected products Warnungen 0 Metrics 2 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Canon ≫ Mg3100 Printer Version-

Canon ≫ Mg5300 Printer Version-

Canon ≫ Mg6100 Printer Version-

Canon ≫ Mp340 Printer Version-

Canon ≫ Mp495 Printer Version-

Canon ≫ Mx870 Printer Version-

Canon ≫ Mx890 Printer Version-

Canon ≫ Mx920 Printer Version-

Canon ≫ Mx922 Printer Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.52%	0.657

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html

http://www.mattandreko.com/2013/06/canon-y-u-no-security.html

https://nvd.nist.gov/vuln/detail/CVE-2013-4613

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-4613

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-4613

EUVD