7.5
CVE-2026-5115
- EPSS 0.02%
- Veröffentlicht 31.03.2026 00:54:48
- Zuletzt bearbeitet 03.04.2026 18:11:36
- Quelle eb41dac7-0af8-4f84-9f6d-027277
- CVE-Watchlists
- Unerledigt
LoginThe PaperCut NG/MF (specifically, the embedded application for Konica Minolta devices) is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the communication channel between the embedded application and the server was insecure, which could leak data including sensitive information that may be used to mount an attack on the device. Such an attack could potentially be used to steal data or to perform a phishing attack on the end user.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Papercut ≫ Papercut Mf Version < 25.0.5
Papercut ≫ Papercut Mf Konica Minolta Version < 25.0.9
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.035 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| eb41dac7-0af8-4f84-9f6d-0272772514f4 | 3.6 | 0 | 0 |
CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-319 Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.