CVE-2019-18791

EPSS 0.3%
Veröffentlicht 13.02.2020 16:15:11
Zuletzt bearbeitet 21.11.2024 04:33:34
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Lexmark ≫ Cx31x Firmware Version <= lw73.vyl.p263

Lexmark ≫ Cx31x Version-

Lexmark ≫ Cx41x Firmware Version <= lw73.vy2.p263

Lexmark ≫ Cx41x Version-

Lexmark ≫ Cx310 Firmware Version <= lw73.gm2.p263

Lexmark ≫ Cx310 Version-

Lexmark ≫ Ms310 Firmware Version <= lw73.prl.p263

Lexmark ≫ Ms310 Version-

Lexmark ≫ Ms312 Firmware Version <= lw73.prl.p263

Lexmark ≫ Ms312 Version-

Lexmark ≫ Ms317 Firmware Version <= lw73.prl.p263

Lexmark ≫ Ms317 Version-

Lexmark ≫ Ms410 Firmware Version <= lw73.prl.p263

Lexmark ≫ Ms410 Version-

Lexmark ≫ M1140 Firmware Version <= lw73.prl.p263

Lexmark ≫ M1140 Version-

Lexmark ≫ Ms315 Firmware Version <= lw73.tl2.p263

Lexmark ≫ Ms315 Version-

Lexmark ≫ Ms415 Firmware Version <= lw73.tl2.p263

Lexmark ≫ Ms415 Version-

Lexmark ≫ Ms417 Firmware Version <= lw73.tl2.p263

Lexmark ≫ Ms417 Version-

Lexmark ≫ Ms51x Firmware Version <= lw73.pr2.p263

Lexmark ≫ Ms51x Version-

Lexmark ≫ Ms610dn Firmware Version <= lw73.pr2.p263

Lexmark ≫ Ms610dn Version-

Lexmark ≫ Ms617 Firmware Version <= lw73.pr2.p263

Lexmark ≫ Ms617 Version-

Lexmark ≫ M1145 Firmware Version <= lw73.pr2.p263

Lexmark ≫ M1145 Version-

Lexmark ≫ M3150dn Firmware Version <= lw73.pr2.p263

Lexmark ≫ M3150dn Version-

Lexmark ≫ Ms71x Firmware Version <= lw73.dn2.p263

Lexmark ≫ Ms71x Version-

Lexmark ≫ M5163dn Firmware Version <= lw73.dn2.p263

Lexmark ≫ M5163dn Version-

Lexmark ≫ Ms810 Firmware Version <= lw73.dn2.p263

Lexmark ≫ Ms810 Version-

Lexmark ≫ Ms811 Firmware Version <= lw73.dn2.p263

Lexmark ≫ Ms811 Version-

Lexmark ≫ Ms812 Firmware Version <= lw73.dn2.p263

Lexmark ≫ Ms812 Version-

Lexmark ≫ Ms817 Firmware Version <= lw73.dn2.p263

Lexmark ≫ Ms817 Version-

Lexmark ≫ Ms818 Firmware Version <= lw73.dn2.p263

Lexmark ≫ Ms818 Version-

Lexmark ≫ Ms810de Firmware Version <= lw73.dn4.p263

Lexmark ≫ Ms810de Version-

Lexmark ≫ M5155 Firmware Version <= lw73.dn4.p263

Lexmark ≫ M5155 Version-

Lexmark ≫ M5163 Firmware Version <= lw73.dn4.p263

Lexmark ≫ M5163 Version-

Lexmark ≫ Ms812de Firmware Version <= lw73.dn7.p263

Lexmark ≫ Ms812de Version-

Lexmark ≫ M5170 Firmware Version <= lw73.dn7.p263

Lexmark ≫ M5170 Version-

Lexmark ≫ Ms91x Firmware Version <= lw73.sa.p263

Lexmark ≫ Ms91x Version-

Lexmark ≫ Mx31x Firmware Version <= lw73.sb2.p263

Lexmark ≫ Mx31x Version-

Lexmark ≫ Xm1135 Firmware Version <= lw73.sb2.p263

Lexmark ≫ Xm1135 Version-

Lexmark ≫ Mx410 Firmware Version <= lw73.sb4.p263

Lexmark ≫ Mx410 Version-

Lexmark ≫ Mx510 Firmware Version <= lw73.sb4.p263

Lexmark ≫ Mx510 Version-

Lexmark ≫ Mx511 Firmware Version <= lw73.sb4.p263

Lexmark ≫ Mx511 Version-

Lexmark ≫ Mx610 Firmware Version <= lw73.sb7.p263

Lexmark ≫ Mx610 Version-

Lexmark ≫ Mx611 Firmware Version <= lw73.sb7.p263

Lexmark ≫ Mx611 Version-

Lexmark ≫ Xm3150 Firmware Version <= lw73.sb7.p263

Lexmark ≫ Xm3150 Version-

Lexmark ≫ Mx71x Firmware Version <= lw73.tu.p263

Lexmark ≫ Mx71x Version-

Lexmark ≫ Mx81x Firmware Version <= lw73.tu.p263

Lexmark ≫ Mx81x Version-

Lexmark ≫ Xm51xx Firmware Version <= lw73.tu.p263

Lexmark ≫ Xm51xx Version-

Lexmark ≫ Xm71xx Firmware Version <= lw73.tu.p263

Lexmark ≫ Xm71xx Version-

Lexmark ≫ Mx91x Firmware Version <= lw73.mg.p263

Lexmark ≫ Mx91x Version-

Lexmark ≫ Xm91x Firmware Version <= lw73.mg.p263

Lexmark ≫ Xm91x Version-

Lexmark ≫ Mx6500e Firmware Version <= lw73.jd.p263

Lexmark ≫ Mx6500e Version-

Lexmark ≫ C746 Firmware Version <= lhs60.cm2.p731

Lexmark ≫ C746 Version-

Lexmark ≫ C748 Firmware Version <= lhs60.cm4.p731

Lexmark ≫ C748 Version-

Lexmark ≫ Cs748 Firmware Version <= lhs60.cm4.p731

Lexmark ≫ Cs748 Version-

Lexmark ≫ C792 Firmware Version <= lhs60.hc.p731

Lexmark ≫ C792 Version-

Lexmark ≫ Cs796 Firmware Version <= lhs60.hc.p731

Lexmark ≫ Cs796 Version-

Lexmark ≫ C925 Firmware Version <= lhs60.hv.p731

Lexmark ≫ C925 Version-

Lexmark ≫ C950 Firmware Version <= lhs60.tp.p731

Lexmark ≫ C950 Version-

Lexmark ≫ X548 Firmware Version <= lhs60.vk.p731

Lexmark ≫ X548 Version-

Lexmark ≫ Xs548 Firmware Version <= lhs60.vk.p731

Lexmark ≫ Xs548 Version-

Lexmark ≫ X74x Firmware Version <= lhs60.ny.p731

Lexmark ≫ X74x Version-

Lexmark ≫ Xs748 Firmware Version <= lhs60.ny.p731

Lexmark ≫ Xs748 Version-

Lexmark ≫ X792 Firmware Version <= lhs60.mr.p731

Lexmark ≫ X792 Version-

Lexmark ≫ Xs79x Firmware Version <= lhs60.mr.p731

Lexmark ≫ Xs79x Version-

Lexmark ≫ X925 Firmware Version <= lhs60.hk.p731

Lexmark ≫ X925 Version-

Lexmark ≫ Xs925 Firmware Version <= lhs60.hk.p731

Lexmark ≫ Xs925 Version-

Lexmark ≫ X95x Firmware Version <= lhs60.tq.p731

Lexmark ≫ X95x Version-

Lexmark ≫ Xs95x Firmware Version <= lhs60.tq.p731

Lexmark ≫ Xs95x Version-

Lexmark ≫ 6500e Firmware Version <= lhs60.jr.p731

Lexmark ≫ 6500e Version-

Lexmark ≫ C734 Firmware Version <= lr.sk.p822

Lexmark ≫ C734 Version-

Lexmark ≫ C736 Firmware Version <= lr.ske.p822

Lexmark ≫ C736 Version-

Lexmark ≫ E46x Firmware Version <= lr.lbh.p822

Lexmark ≫ E46x Version-

Lexmark ≫ T65x Firmware Version <= lr.jp.p822

Lexmark ≫ T65x Version-

Lexmark ≫ X46x Firmware Version <= lr.bs.p822

Lexmark ≫ X46x Version-

Lexmark ≫ X65x Firmware Version <= lr.mn.p822

Lexmark ≫ X65x Version-

Lexmark ≫ X73x Firmware Version <= lr.fl.p822

Lexmark ≫ X73x Version-

Lexmark ≫ W850 Firmware Version <= lp.jb.p821

Lexmark ≫ W850 Version-

Lexmark ≫ X86x Firmware Version <= lp.sp.p821

Lexmark ≫ X86x Version-

Lexmark ≫ Cx410 Firmware Version <= lw73.gm4.p263

Lexmark ≫ Cx410 Version-

Lexmark ≫ Xc2130 Firmware Version <= lw73.gm4.p263

Lexmark ≫ Xc2130 Version-

Lexmark ≫ Cx510 Firmware Version <= lw73.gm7.p263

Lexmark ≫ Cx510 Version-

Lexmark ≫ Xc2132 Firmware Version <= lw73.gm7.p263

Lexmark ≫ Xc2132 Version-

Lexmark ≫ Cx51x Firmware Version <= lw73.vy4.p263

Lexmark ≫ Cx51x Version-

Lexmark ≫ Ms610de Firmware Version <= lw73.pr4.p263

Lexmark ≫ Ms610de Version-

Lexmark ≫ M3150 Firmware Version <= lw73.pr4.p263

Lexmark ≫ M3150 Version-

Lexmark ≫ Xm1140 Firmware Version <= lw73.sb4.p263

Lexmark ≫ Xm1140 Version-

Lexmark ≫ Xm1145 Firmware Version <= lw73.sb4.p263

Lexmark ≫ Xm1145 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.3%	0.501

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.4	2.3	2.7	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
nvd@nist.gov	3.5	6.8	2.9	AV:N/AC:M/Au:S/C:N/I:P/A:N

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

http://support.lexmark.com/alerts/

Vendor Advisory

http://support.lexmark.com/index?page=content&id=TE933&modifiedDate=02/04/20&actp=LIST_RECENT&userlocale=EN_US&locale=en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-18791

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-18791

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-18791

EUVD