CVE-2023-40239

EPSS 0.21%
Veröffentlicht 01.09.2023 11:15:42
Zuletzt bearbeitet 21.11.2024 08:19:03
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80.*.P246, i.e., '*' indicates that the full version specification varies across product model family, but firmware level P246 (or higher) is required to remediate the vulnerability.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Lexmark ≫ C2132 Firmware Version <= lw80.vy4.p245

Lexmark ≫ C2132 Version-

Lexmark ≫ Cs310 Firmware Version <= lw80.vyl.p245

Lexmark ≫ Cs310 Version-

Lexmark ≫ Cs317 Firmware Version <= lw80.vyl.p245

Lexmark ≫ Cs317 Version-

Lexmark ≫ Cs410 Firmware Version <= lw80.vy2.p245

Lexmark ≫ Cs410 Version-

Lexmark ≫ Cs417 Firmware Version <= lw80.vy2.p245

Lexmark ≫ Cs417 Version-

Lexmark ≫ Cs510 Firmware Version <= lw80.vy4.p245

Lexmark ≫ Cs510 Version-

Lexmark ≫ Cs517 Firmware Version <= lw80.vy4.p245

Lexmark ≫ Cs517 Version-

Lexmark ≫ Cx310 Firmware Version <= lw80.gm2.p245

Lexmark ≫ Cx310 Version-

Lexmark ≫ Cx317 Firmware Version <= lw80.gm2.p245

Lexmark ≫ Cx317 Version-

Lexmark ≫ Cx410 Firmware Version <= lw80.gm4.p245

Lexmark ≫ Cx410 Version-

Lexmark ≫ Cx417 Firmware Version <= lw80.gm4.p245

Lexmark ≫ Cx417 Version-

Lexmark ≫ Cx510 Firmware Version <= lw80.gm7.p245

Lexmark ≫ Cx510 Version-

Lexmark ≫ Cx517 Firmware Version <= lw80.gm7.p245

Lexmark ≫ Cx517 Version-

Lexmark ≫ M1140+ Firmware Version <= lw80.pr2.p245

Lexmark ≫ M1140+ Version-

Lexmark ≫ M1140 Firmware Version <= lw80.prl.p245

Lexmark ≫ M1140 Version-

Lexmark ≫ M1145 Firmware Version <= lw80.pr2.p245

Lexmark ≫ M1145 Version-

Lexmark ≫ M3150de Firmware Version <= lw80.pr4.p245

Lexmark ≫ M3150de Version-

Lexmark ≫ M3150dn Firmware Version <= lw80.pr2.p245

Lexmark ≫ M3150dn Version-

Lexmark ≫ M5155 Firmware Version <= lw80.dn4.p245

Lexmark ≫ M5155 Version-

Lexmark ≫ M5163de Firmware Version <= lw80.dn4.p245

Lexmark ≫ M5163de Version-

Lexmark ≫ M5163dn Firmware Version <= lw80.dn2.p245

Lexmark ≫ M5163dn Version-

Lexmark ≫ M5170 Firmware Version <= lw80.dn7.p245

Lexmark ≫ M5170 Version-

Lexmark ≫ Ms310 Firmware Version <= lw80.prl.p245

Lexmark ≫ Ms310 Version-

Lexmark ≫ Ms312 Firmware Version <= lw80.prl.p245

Lexmark ≫ Ms312 Version-

Lexmark ≫ Ms315 Firmware Version <= lw80.tl2.p245

Lexmark ≫ Ms315 Version-

Lexmark ≫ Ms317 Firmware Version <= lw80.prl.p245

Lexmark ≫ Ms317 Version-

Lexmark ≫ Ms410 Firmware Version <= lw80.prl.p245

Lexmark ≫ Ms410 Version-

Lexmark ≫ Ms415 Firmware Version <= lw80.tl2.p245

Lexmark ≫ Ms415 Version-

Lexmark ≫ Ms417 Firmware Version <= lw80.tl2.p245

Lexmark ≫ Ms417 Version-

Lexmark ≫ Ms510 Firmware Version <= lw80.pr2.p245

Lexmark ≫ Ms510 Version-

Lexmark ≫ Ms517 Firmware Version <= lw80.pr2.p245

Lexmark ≫ Ms517 Version-

Lexmark ≫ Ms610de Firmware Version <= lw80.pr4.p245

Lexmark ≫ Ms610de Version-

Lexmark ≫ Ms610dn Firmware Version <= lw80.pr2.p245

Lexmark ≫ Ms610dn Version-

Lexmark ≫ Ms617 Firmware Version <= lw80.pr2.p245

Lexmark ≫ Ms617 Version-

Lexmark ≫ Ms710 Firmware Version <= lw80.dn2.p245

Lexmark ≫ Ms710 Version-

Lexmark ≫ Ms711 Firmware Version <= lw80.dn2.p245

Lexmark ≫ Ms711 Version-

Lexmark ≫ Ms810de Firmware Version <= lw80.dn4.p245

Lexmark ≫ Ms810de Version-

Lexmark ≫ Ms810dn Firmware Version <= lw80.dn2.p245

Lexmark ≫ Ms810dn Version-

Lexmark ≫ Ms811 Firmware Version <= lw80.dn2.p245

Lexmark ≫ Ms811 Version-

Lexmark ≫ Ms812de Firmware Version <= lw80.dn7.p245

Lexmark ≫ Ms812de Version-

Lexmark ≫ Ms812dn Firmware Version <= lw80.dn2.p245

Lexmark ≫ Ms812dn Version-

Lexmark ≫ Ms817 Firmware Version <= lw80.dn2.p245

Lexmark ≫ Ms817 Version-

Lexmark ≫ Ms818 Firmware Version <= lw80.dn2.p245

Lexmark ≫ Ms818 Version-

Lexmark ≫ Ms911 Firmware Version <= lw80.sa.p245

Lexmark ≫ Ms911 Version-

Lexmark ≫ Mx310 Firmware Version <= lw80.sb2.p245

Lexmark ≫ Mx310 Version-

Lexmark ≫ Mx317 Firmware Version <= lw80.sb2.p245

Lexmark ≫ Mx317 Version-

Lexmark ≫ Mx410 Firmware Version <= lw80.sb4.p245

Lexmark ≫ Mx410 Version-

Lexmark ≫ Mx417 Firmware Version <= lw80.sb4.p245

Lexmark ≫ Mx417 Version-

Lexmark ≫ Mx510 Firmware Version <= lw80.sb4.p245

Lexmark ≫ Mx510 Version-

Lexmark ≫ Mx511 Firmware Version <= lw80.sb4.p245

Lexmark ≫ Mx511 Version-

Lexmark ≫ Mx517 Firmware Version <= lw80.sb4.p245

Lexmark ≫ Mx517 Version-

Lexmark ≫ Mx610 Firmware Version <= lw80.sb7.p245

Lexmark ≫ Mx610 Version-

Lexmark ≫ Mx611 Firmware Version <= lw80.sb7.p245

Lexmark ≫ Mx611 Version-

Lexmark ≫ Mx617 Firmware Version <= lw80.sb7.p245

Lexmark ≫ Mx617 Version-

Lexmark ≫ Mx710 Firmware Version <= lw80.tu.p245

Lexmark ≫ Mx710 Version-

Lexmark ≫ Mx711 Firmware Version <= lw80.tu.p245

Lexmark ≫ Mx711 Version-

Lexmark ≫ Mx717 Firmware Version <= lw80.tu.p245

Lexmark ≫ Mx717 Version-

Lexmark ≫ Mx718 Firmware Version <= lw80.tu.p245

Lexmark ≫ Mx718 Version-

Lexmark ≫ Mx810 Firmware Version <= lw80.tu.p245

Lexmark ≫ Mx810 Version-

Lexmark ≫ Mx811 Firmware Version <= lw80.tu.p245

Lexmark ≫ Mx811 Version-

Lexmark ≫ Mx812 Firmware Version <= lw80.tu.p245

Lexmark ≫ Mx812 Version-

Lexmark ≫ Mx910 Firmware Version <= lw80.mg.p245

Lexmark ≫ Mx910 Version-

Lexmark ≫ Mx911 Firmware Version <= lw80.mg.p245

Lexmark ≫ Mx911 Version-

Lexmark ≫ Mx912 Firmware Version <= lw80.mg.p245

Lexmark ≫ Mx912 Version-

Lexmark ≫ Xc2130 Firmware Version <= lw80.gm4.p245

Lexmark ≫ Xc2130 Version-

Lexmark ≫ Xc2132 Firmware Version <= lw80.gm7.p245

Lexmark ≫ Xc2132 Version-

Lexmark ≫ Xm1135 Firmware Version <= lw80.sb2.p245

Lexmark ≫ Xm1135 Version-

Lexmark ≫ Xm1140 Firmware Version <= lw80.sb4.p245

Lexmark ≫ Xm1140 Version-

Lexmark ≫ Xm1145 Firmware Version <= lw80.sb4.p245

Lexmark ≫ Xm1145 Version-

Lexmark ≫ Xm3150 Firmware Version <= lw80.sb7.p245

Lexmark ≫ Xm3150 Version-

Lexmark ≫ Xm5163 Firmware Version <= lw80.tu.p245

Lexmark ≫ Xm5163 Version-

Lexmark ≫ Xm5170 Firmware Version <= lw80.tu.p245

Lexmark ≫ Xm5170 Version-

Lexmark ≫ Xm5263 Firmware Version <= lw80.tu.p245

Lexmark ≫ Xm5263 Version-

Lexmark ≫ Xm5270 Firmware Version <= lw80.tu.p245

Lexmark ≫ Xm5270 Version-

Lexmark ≫ Xm7155 Firmware Version <= lw80.tu.p245

Lexmark ≫ Xm7155 Version-

Lexmark ≫ Xm7163 Firmware Version <= lw80.tu.p245

Lexmark ≫ Xm7163 Version-

Lexmark ≫ Xm7170 Firmware Version <= lw80.tu.p245

Lexmark ≫ Xm7170 Version-

Lexmark ≫ Xm7263 Firmware Version <= lw80.tu.p245

Lexmark ≫ Xm7263 Version-

Lexmark ≫ Xm7270 Firmware Version <= lw80.tu.p245

Lexmark ≫ Xm7270 Version-

Lexmark ≫ Xm9145 Firmware Version <= lw80.mg.p245

Lexmark ≫ Xm9145 Version-

Lexmark ≫ Xm9155 Firmware Version <= lw80.mg.p245

Lexmark ≫ Xm9155 Version-

Lexmark ≫ Xm9165 Firmware Version <= lw80.mg.p245

Lexmark ≫ Xm9165 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.21%	0.43

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-611 Improper Restriction of XML External Entity Reference

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

https://publications.lexmark.com/publications/security-alerts/CVE-2023-40239.pdf

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-40239

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-40239

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-40239

EUVD