10
CVE-2017-7588
- EPSS 30.89%
- Published 12.04.2017 10:59:00
- Last modified 20.04.2025 01:37:25
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
On certain Brother devices, authorization is mishandled by including a valid AuthCookie cookie in the HTTP response to a failed login attempt. Affected models are: MFC-J6973CDW MFC-J4420DW MFC-8710DW MFC-J4620DW MFC-L8850CDW MFC-J3720 MFC-J6520DW MFC-L2740DW MFC-J5910DW MFC-J6920DW MFC-L2700DW MFC-9130CW MFC-9330CDW MFC-9340CDW MFC-J5620DW MFC-J6720DW MFC-L8600CDW MFC-L9550CDW MFC-L2720DW DCP-L2540DW DCP-L2520DW HL-3140CW HL-3170CDW HL-3180CDW HL-L8350CDW HL-L2380DW ADS-2500W ADS-1000W ADS-1500W.
Data is provided by the National Vulnerability Database (NVD)
Brother ≫ Mfc Firmware Version-
Brother ≫ Mfc-8710dw Version-
Brother ≫ Mfc-9130cw Version-
Brother ≫ Mfc-9330cdw Version-
Brother ≫ Mfc-9340cdw Version-
Brother ≫ Mfc-j3720 Version-
Brother ≫ Mfc-j4420dw Version-
Brother ≫ Mfc-j4620dw Version-
Brother ≫ Mfc-j5620dw Version-
Brother ≫ Mfc-j5910dw Version-
Brother ≫ Mfc-j6520dw Version-
Brother ≫ Mfc-j6720dw Version-
Brother ≫ Mfc-j6920dw Version-
Brother ≫ Mfc-j6973cdw Version-
Brother ≫ Mfc-l2700dw Version-
Brother ≫ Mfc-l2720dw Version-
Brother ≫ Mfc-l2740dw Version-
Brother ≫ Mfc-l8600cdw Version-
Brother ≫ Mfc-l8850cdw Version-
Brother ≫ Mfc-l9550cdw Version-
Brother ≫ Mfc-9130cw Version-
Brother ≫ Mfc-9330cdw Version-
Brother ≫ Mfc-9340cdw Version-
Brother ≫ Mfc-j3720 Version-
Brother ≫ Mfc-j4420dw Version-
Brother ≫ Mfc-j4620dw Version-
Brother ≫ Mfc-j5620dw Version-
Brother ≫ Mfc-j5910dw Version-
Brother ≫ Mfc-j6520dw Version-
Brother ≫ Mfc-j6720dw Version-
Brother ≫ Mfc-j6920dw Version-
Brother ≫ Mfc-j6973cdw Version-
Brother ≫ Mfc-l2700dw Version-
Brother ≫ Mfc-l2720dw Version-
Brother ≫ Mfc-l2740dw Version-
Brother ≫ Mfc-l8600cdw Version-
Brother ≫ Mfc-l8850cdw Version-
Brother ≫ Mfc-l9550cdw Version-
Brother ≫ Dcp Firmware Version-
Brother ≫ Ads Firmware Version-
Brother ≫ Hl Firmware Version-
Brother ≫ Hl-3140cw Version-
Brother ≫ Hl-3170cdw Version-
Brother ≫ Hl-3180cdw Version-
Brother ≫ Hl-l2380dw Version-
Brother ≫ Hl-l8350cdw Version-
Brother ≫ Hl-3170cdw Version-
Brother ≫ Hl-3180cdw Version-
Brother ≫ Hl-l2380dw Version-
Brother ≫ Hl-l8350cdw Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 30.89% | 0.963 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.