CVE-2013-6032

EPSS 0.83%
Veröffentlicht 04.02.2014 05:39:08
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cret@cert.org
CVE-Watchlists
Login
Unerledigt
Login

cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and X646 before LC2.MC.P374, X642 through LC2.MB.P318, W840 through LS.HA.P252, T64x before LS.ST.P344, X64xef through LC2.TI.P325, C935dn through LC.JO.P091, C920 through LS.TA.P152, C78x through LC.IO.P187, X78x through LC2.IO.P335, C77x through LC.CM.P052, X772 through LC2.TR.P291, C53x through LS.SW.P069, C52x through LS.FA.P150, 25xxN through LCL.CU.P114, N4000 through LC.MD.P119, N4050e through GO.GO.N206, N70xxe through LC.CO.N309, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allows remote attackers to remove the Password Protect administrative password via the vac.255.GENPASSWORD parameter.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Lexmark ≫ 25xxn Version <= lcl.cu.p114

Lexmark ≫ C52x Version <= ls.fa.p150

Lexmark ≫ C53x Version <= ls.sw.p069

Lexmark ≫ C77x Version <= lc.cm.p052

Lexmark ≫ C78x Version <= lc.io.p187

Lexmark ≫ C920 Version <= ls.ta.p152

Lexmark ≫ C935dn Version <= lc.jo.p091

Lexmark ≫ E250 Version <= le.pm.p126

Lexmark ≫ E350 Version <= le.ph.p129

Lexmark ≫ E450 Version <= lm.sz.p124

Lexmark ≫ N4000 Version <= lc.md.p119

Lexmark ≫ N4050e Version <= go.go.n206

Lexmark ≫ N70xxe Version <= lc.co.n309

Lexmark ≫ T64x Version <= ls.st.p343

Lexmark ≫ W840 Version <= ls.ha.p252

Lexmark ≫ X642 Version <= lc2.mb.p318

Lexmark ≫ X644 Version <= lc4.be.p487

Lexmark ≫ X646 Version <= lc2.mc.p373

Lexmark ≫ X64xef Version <= lc2.ti.p325

Lexmark ≫ X772 Version <= lc2.tr.p291

Lexmark ≫ X78x Version <= lc2.io.p335

Lexmark ≫ X85x Version <= lc4.be.p487

Lexmark ≫ X94x Version <= lc.br.p141

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.83%	0.723

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://support.lexmark.com/index?page=content&id=TE586

http://www.kb.cert.org/vuls/id/108062

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2013-6032

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-6032

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-6032

EUVD