4.6

CVE-2016-3145

Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LexmarkPrinter Firmware Version >= pp <= pp.021.062
   LexmarkCx820de Version-
   LexmarkCx820dtfe Version-
   LexmarkCx825de Version-
   LexmarkCx825dte Version-
   LexmarkCx825dtfe Version-
   LexmarkCx860de Version-
   LexmarkCx860dte Version-
   LexmarkCx860dtfe Version-
   LexmarkXc6152de Version-
   LexmarkXc6152dtfe Version-
   LexmarkXc8155de Version-
   LexmarkXc8155dte Version-
   LexmarkXc8160de Version-
   LexmarkXc8160dte Version-
LexmarkPrinter Firmware Version >= cb <= cb.021.062
   LexmarkC4150 Version-
   LexmarkCs720de Version-
   LexmarkCs720dte Version-
   LexmarkCs725de Version-
   LexmarkCs725dte Version-
LexmarkPrinter Firmware Version >= yk <= yk.021.062
   LexmarkC6160 Version-
LexmarkPrinter Firmware Version >= yk <= yk.021.057
   LexmarkCs820de Version-
   LexmarkCs820dte Version-
   LexmarkCs820dtfe Version-
LexmarkPrinter Firmware Version >= atl <= atl.021.062
   LexmarkCx725de Version-
   LexmarkCx725dhe Version-
   LexmarkCx725dthe Version-
   LexmarkXc4150 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.06% 0.166
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 0.9 3.6
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.