Vulnerabilites related to papercut - papercut_ng
Vulnerability from fkie_nvd
Published
2019-06-06 17:29
Modified
2024-11-21 04:22
Severity ?
Summary
An unspecified vulnerability in the application server in PaperCut MF and NG versions 18.3.8 and earlier and versions 19.0.3 and earlier allows remote attackers to execute arbitrary code via an unspecified vector.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.papercut.com/products/mf/release-history/ | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://www.papercut.com/products/ng/release-history/ | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.papercut.com/products/mf/release-history/ | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.papercut.com/products/ng/release-history/ | Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9538D248-2BB2-4FE4-B11A-7C97962EEA53",
"versionEndIncluding": "18.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D14123DF-D87E-49F7-A600-88B2DF8DD573",
"versionEndIncluding": "19.0.3",
"versionStartIncluding": "19.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D935038-CDB9-4D1B-AD74-67237CCE2C57",
"versionEndIncluding": "18.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35C8CC9F-6D73-4923-83BC-CCE0383228C7",
"versionEndIncluding": "19.0.3",
"versionStartIncluding": "19.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unspecified vulnerability in the application server in PaperCut MF and NG versions 18.3.8 and earlier and versions 19.0.3 and earlier allows remote attackers to execute arbitrary code via an unspecified vector."
},
{
"lang": "es",
"value": "Una vulnerabilidad sin especificar en la aplicaci\u00f3n server in PaperCut MF y NG versiones 18.3.8 y versiones anteriores 19.0.3 y anteriores, permiten que un atacante remoto ejecute c\u00f3digos arbitrarios mediante un vector sin especificar."
}
],
"id": "CVE-2019-12135",
"lastModified": "2024-11-21T04:22:17.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-06T17:29:00.307",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.papercut.com/products/mf/release-history/"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.papercut.com/products/ng/release-history/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.papercut.com/products/mf/release-history/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.papercut.com/products/ng/release-history/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-14 03:15
Modified
2025-01-23 20:15
Severity ?
3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a specifically formed payload against the impacted API endpoint. The attacker must carry out some reconnaissance to gain knowledge of a system token. This CVE only affects Linux and macOS PaperCut NG/MF servers.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| apple | macos | - | |
| linux | linux_kernel | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87E57A99-6580-4C5D-AD49-2C77153698B5",
"versionEndExcluding": "20.1.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC862C5A-C51D-455A-BA4C-62AF4B5593D6",
"versionEndExcluding": "21.2.14",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B444455-3DE9-4268-AED3-9457016B833F",
"versionEndExcluding": "22.1.5",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06311316-1937-41A4-BEE2-57F7C4F6B6BC",
"versionEndExcluding": "23.0.7",
"versionStartIncluding": "23.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A1BAB4-D3AC-4A06-B2AB-E46DED8CB19D",
"versionEndExcluding": "20.1.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "570DCFBC-7689-4E77-A8BF-8F310545EDE3",
"versionEndExcluding": "21.2.14",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "728ECAA8-FE3E-4F6D-8862-AF0C100C6699",
"versionEndExcluding": "22.1.5",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7155AC1E-E4C8-4EF5-B593-7C924AF0C625",
"versionEndExcluding": "23.0.7",
"versionStartIncluding": "23.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a specifically formed payload against the impacted API endpoint. The attacker must carry out some reconnaissance to gain knowledge of a system token. This CVE only affects Linux and macOS PaperCut NG/MF servers."
},
{
"lang": "es",
"value": "Esta vulnerabilidad potencialmente permite que los archivos en un servidor PaperCut NG/MF queden expuestos utilizando un payload formado espec\u00edficamente contra el endpoint API afectado. El atacante debe realizar alg\u00fan reconocimiento para conocer un token del sistema. Este CVE solo afecta a los servidores PaperCut NG/MF de Linux y macOS."
}
],
"id": "CVE-2024-1221",
"lastModified": "2025-01-23T20:15:15.117",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-14T03:15:06.607",
"references": [
{
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-76"
}
],
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-13 21:15
Modified
2024-11-21 08:35
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnreport@tenable.com | https://www.tenable.com/security/research/tra-2023-31 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/research/tra-2023-31 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_ng | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F745BB14-82EB-4539-BECB-0A96C4C60E99",
"versionEndIncluding": "22.0.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch."
},
{
"lang": "es",
"value": "PaperCut NG permite ejecutar comandos XMLRPC no autenticados de forma predeterminada. Se confirma que las versiones 22.0.12 e inferiores est\u00e1n afectadas, pero las versiones posteriores tambi\u00e9n pueden verse afectadas debido a la falta de un parche proporcionado por el proveedor."
}
],
"id": "CVE-2023-4568",
"lastModified": "2024-11-21T08:35:26.717",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "vulnreport@tenable.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-13T21:15:07.807",
"references": [
{
"source": "vulnreport@tenable.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2023-31"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2023-31"
}
],
"sourceIdentifier": "vulnreport@tenable.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "vulnreport@tenable.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-04 17:15
Modified
2024-11-21 08:14
Severity ?
Summary
PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. This leads to remote code execution when external device integration is enabled (a very common configuration).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.papercut.com/kb/Main/securitybulletinjuly2023/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.papercut.com/kb/Main/securitybulletinjuly2023/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1E7B69-F906-49B6-A5AE-BC95E528AB81",
"versionEndExcluding": "22.1.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9EEC66-6455-4B4E-879D-7109E6E16199",
"versionEndExcluding": "22.1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. This leads to remote code execution when external device integration is enabled (a very common configuration)."
},
{
"lang": "es",
"value": "PaperCut NG y PaperCut MF antes de 22.1.3 en Windows permiten atravesar rutas, lo que permite a los atacantes cargar, leer o eliminar archivos arbitrarios. Esto conduce a la ejecuci\u00f3n remota de c\u00f3digo cuando la integraci\u00f3n de dispositivos externos est\u00e1 habilitada (una configuraci\u00f3n muy com\u00fan).\n"
}
],
"id": "CVE-2023-39143",
"lastModified": "2024-11-21T08:14:47.763",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-04T17:15:11.510",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/securitybulletinjuly2023/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/securitybulletinjuly2023/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-14 03:15
Modified
2025-01-23 20:15
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small subset of PaperCut NG/MF API calls.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| apple | macos | - | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87E57A99-6580-4C5D-AD49-2C77153698B5",
"versionEndExcluding": "20.1.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC862C5A-C51D-455A-BA4C-62AF4B5593D6",
"versionEndExcluding": "21.2.14",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B444455-3DE9-4268-AED3-9457016B833F",
"versionEndExcluding": "22.1.5",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06311316-1937-41A4-BEE2-57F7C4F6B6BC",
"versionEndExcluding": "23.0.7",
"versionStartIncluding": "23.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A1BAB4-D3AC-4A06-B2AB-E46DED8CB19D",
"versionEndExcluding": "20.1.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "570DCFBC-7689-4E77-A8BF-8F310545EDE3",
"versionEndExcluding": "21.2.14",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "728ECAA8-FE3E-4F6D-8862-AF0C100C6699",
"versionEndExcluding": "22.1.5",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7155AC1E-E4C8-4EF5-B593-7C924AF0C625",
"versionEndExcluding": "23.0.7",
"versionStartIncluding": "23.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small subset of PaperCut NG/MF API calls."
},
{
"lang": "es",
"value": "Esto permite a los atacantes utilizar una solicitud de API formada de forma maliciosa para obtener acceso a un nivel de autorizaci\u00f3n de API con privilegios elevados. Esto se aplica a un peque\u00f1o subconjunto de llamadas API de PaperCut NG/MF."
}
],
"id": "CVE-2024-1222",
"lastModified": "2025-01-23T20:15:52.560",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-14T03:15:07.090",
"references": [
{
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-250"
}
],
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-14 15:44
Modified
2025-01-30 14:58
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can lead to local privilege escalation.
Note:
This CVE has been split into two (CVE-2024-4712 and CVE-2024-8405) and it’s been rescored with a "Privileges Required (PR)" rating of low, and “Attack Complexity (AC)” rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AE8A9B5-11C6-4FE2-B672-0EC6EF8075CC",
"versionEndExcluding": "23.0.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA96610E-7518-4215-B5FF-1B4444BE2DA4",
"versionEndExcluding": "23.0.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled.\u00a0This specific flaw exists within the image-handler process, which can incorrectly create files that don\u2019t exist when a maliciously formed payload is provided. This can lead to local privilege escalation.\n\nNote: \n\nThis CVE has been split into two (CVE-2024-4712 and CVE-2024-8405) and it\u2019s been rescored with a \"Privileges Required (PR)\" rating of low, and \u201cAttack Complexity (AC)\u201d rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de creaci\u00f3n de archivos arbitraria en PaperCut NG/MF que solo afecta a los servidores Windows con Web Print habilitado. Esta vulnerabilidad requiere inicio de sesi\u00f3n local/acceso a la consola del servidor PaperCut NG/MF (por ejemplo: miembro de un grupo de administraci\u00f3n de dominio)."
}
],
"id": "CVE-2024-4712",
"lastModified": "2025-01-30T14:58:45.433",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-05-14T15:44:27.660",
"references": [
{
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-May-2024/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/security-bulletin-may-2024/"
}
],
"sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-14 04:15
Modified
2025-01-23 21:06
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side module that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| apple | macos | - | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87E57A99-6580-4C5D-AD49-2C77153698B5",
"versionEndExcluding": "20.1.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC862C5A-C51D-455A-BA4C-62AF4B5593D6",
"versionEndExcluding": "21.2.14",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B444455-3DE9-4268-AED3-9457016B833F",
"versionEndExcluding": "22.1.5",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06311316-1937-41A4-BEE2-57F7C4F6B6BC",
"versionEndExcluding": "23.0.7",
"versionStartIncluding": "23.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A1BAB4-D3AC-4A06-B2AB-E46DED8CB19D",
"versionEndExcluding": "20.1.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "570DCFBC-7689-4E77-A8BF-8F310545EDE3",
"versionEndExcluding": "21.2.14",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "728ECAA8-FE3E-4F6D-8862-AF0C100C6699",
"versionEndExcluding": "22.1.5",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7155AC1E-E4C8-4EF5-B593-7C924AF0C625",
"versionEndExcluding": "23.0.7",
"versionStartIncluding": "23.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side module that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker\u0027s choosing."
},
{
"lang": "es",
"value": "Esta es una vulnerabilidad de Server-Side Request Forgery (SSRF) en PaperCut NG/MF server-side module que permite a un atacante inducir a la aplicaci\u00f3n del lado del servidor a realizar solicitudes HTTP a un dominio arbitrario de su elecci\u00f3n."
}
],
"id": "CVE-2024-1884",
"lastModified": "2025-01-23T21:06:27.910",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-14T04:15:08.697",
"references": [
{
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-19 14:15
Modified
2024-11-21 08:01
Severity ?
Summary
A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. Under specific conditions, this could potentially allow an authenticated attacker to achieve read-only access to the server's filesystem, because requests beginning with "GET /ui/static/..//.." reach getStaticContent in UIContentResource.class in the static-content-files servlet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E017C8AB-3DE6-4506-8F25-95DCD901FFAE",
"versionEndExcluding": "22.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB63050-D74D-417B-9639-B81D3B789EE1",
"versionEndExcluding": "22.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. Under specific conditions, this could potentially allow an authenticated attacker to achieve read-only access to the server\u0027s filesystem, because requests beginning with \"GET /ui/static/..//..\" reach getStaticContent in UIContentResource.class in the static-content-files servlet."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de Path Traversal en PaperCut NG anterior a 22.1.1 y PaperCut MF anterior a 22.1.1. En condiciones espec\u00edficas, esto podr\u00eda permitir que un atacante autenticado obtenga acceso de solo lectura al sistema de archivos del servidor, porque las solicitudes que comienzan con \"GET /ui/static/..//..\" alcanza getStaticContent en UIContentResource.class en el servlet static-content-files."
}
],
"id": "CVE-2023-31046",
"lastModified": "2024-11-21T08:01:18.953",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-19T14:15:08.883",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://research.aurainfosec.io/disclosure/papercut/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://web.archive.org/web/20230814061444/https://research.aurainfosec.io/disclosure/papercut/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/PO-1216-and-PO-1219#security-notifications"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJune2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://research.aurainfosec.io/disclosure/papercut/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://web.archive.org/web/20230814061444/https://research.aurainfosec.io/disclosure/papercut/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/PO-1216-and-PO-1219#security-notifications"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJune2023"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-28 14:09
Modified
2024-11-21 02:06
Severity ?
Summary
Unspecified vulnerability in Papercut MF and NG before 14.1 (Build 26983) allows attacker to cause a denial of service via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_mf | 12.0 | |
| papercut | papercut_mf | 12.1 | |
| papercut | papercut_mf | 12.2 | |
| papercut | papercut_mf | 12.3 | |
| papercut | papercut_mf | 12.4 | |
| papercut | papercut_mf | 12.5 | |
| papercut | papercut_mf | 13.0 | |
| papercut | papercut_mf | 13.1 | |
| papercut | papercut_mf | 13.2 | |
| papercut | papercut_mf | 13.3 | |
| papercut | papercut_mf | 13.4 | |
| papercut | papercut_mf | 13.5 | |
| papercut | papercut_mf | 14.0 | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | 12.0 | |
| papercut | papercut_ng | 12.1 | |
| papercut | papercut_ng | 12.2 | |
| papercut | papercut_ng | 12.3 | |
| papercut | papercut_ng | 12.4 | |
| papercut | papercut_ng | 12.5 | |
| papercut | papercut_ng | 13.0 | |
| papercut | papercut_ng | 13.1 | |
| papercut | papercut_ng | 13.2 | |
| papercut | papercut_ng | 13.3 | |
| papercut | papercut_ng | 13.4 | |
| papercut | papercut_ng | 13.5 | |
| papercut | papercut_ng | 14.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C39F2093-2205-4065-930D-433B45C6F868",
"versionEndIncluding": "14.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF398E65-476C-41C5-9C96-243740F1B429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "322A6E60-374D-437D-9F7F-C0DE19894279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DECB5F11-6E2B-42B6-8964-83EA876BF735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4A31AA18-E4C0-4173-9461-2A51723C001C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "22BBE05F-26E5-417D-8841-9A2E47D040CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D14BAE3F-FA54-4495-BE0C-913CC76E4B63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D05483BC-AF45-4A20-93F1-7B9CA6ED104D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "661D8595-B0C2-4B81-A921-18031B681B4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "851320F4-8239-482C-A164-1372D7C6AAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1429B0AE-F0BB-4770-B8AB-26CA0BBD9975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8966A5-3C9E-42DB-92A9-74975E6957FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B2F6E5F3-FDED-47C6-91D4-6FC6317E4DFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3266B2-CBDC-432D-ACBA-FDF293368FB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "159145D0-A4ED-4F74-9A1F-6BBB2CC7568A",
"versionEndIncluding": "14.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "43F90D1A-6523-4EA2-BD70-3230E01A66E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DD91C180-D7F1-43BE-8472-5E72DF27993E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C2464601-F136-410A-862F-2273B1782AC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "419FEFF8-A892-403C-BF8A-304272EE16D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D02D413C-693E-45B9-83A4-CBFA844FEBB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5C8A222F-CEEF-481A-BE3C-0D736CE64A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8B6C4B24-3F7E-48C8-9FE6-5DBFEB4425A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "10E34435-E2C8-417A-9950-FECD267DEA27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30875001-1705-4B52-8DC2-6898DAE23BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B66EF4D7-6BBE-4A71-A887-59105AFBEE6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2620A163-36DD-4D89-8044-893B1A4E823B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00A6BA83-BF06-4E4A-A474-0AB98C55F3D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9025F2-7C5C-4FC9-A239-584215618239",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Papercut MF and NG before 14.1 (Build 26983) allows attacker to cause a denial of service via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Papercut MF y NG anterior a 14.1 (Build 26983) permite a atacantes causar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2014-2658",
"lastModified": "2024-11-21T02:06:44.483",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-28T14:09:07.517",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/58037"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.papercut-mf.com/release-history/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.papercut.com/release-history/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92649"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/58037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.papercut-mf.com/release-history/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.papercut.com/release-history/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92649"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-26 02:15
Modified
2024-10-03 15:19
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege code directly on the server via the web-print-hot-folder.
Important: In most installations, this risk is mitigated by the default Windows Server configuration, which restricts local login access to Administrators only. However, this vulnerability could pose a risk to customers who allow non-administrative users to log into the local console of the Windows environment hosting the PaperCut NG/MF application server.
Note:
This CVE has been split from CVE-2024-3037.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| eb41dac7-0af8-4f84-9f6d-0272772514f4 | https://www.papercut.com/kb/Main/Security-Bulletin-May-2024/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AE8A9B5-11C6-4FE2-B672-0EC6EF8075CC",
"versionEndExcluding": "23.0.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA96610E-7518-4215-B5FF-1B4444BE2DA4",
"versionEndExcluding": "23.0.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege code directly on the server via the web-print-hot-folder. \n\nImportant: In most installations, this risk is mitigated by the default Windows Server configuration, which restricts local login access to Administrators only. However, this vulnerability could pose a risk to customers who allow non-administrative users to log into the local console of the Windows environment hosting the PaperCut NG/MF application server.\n\nNote: \n\nThis CVE has been split from CVE-2024-3037."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de eliminaci\u00f3n arbitraria de archivos en PaperCut NG/MF, que afecta espec\u00edficamente a servidores Windows con Web Print habilitado. Para explotar esta vulnerabilidad, un atacante primero debe obtener acceso de inicio de sesi\u00f3n local al servidor Windows que aloja PaperCut NG/MF y ser capaz de ejecutar c\u00f3digo con privilegios bajos directamente en el servidor a trav\u00e9s de la carpeta activa de impresi\u00f3n web. Importante: En la mayor\u00eda de las instalaciones, este riesgo se mitiga con la configuraci\u00f3n predeterminada de Windows Server, que restringe el acceso de inicio de sesi\u00f3n local solo a los administradores. Sin embargo, esta vulnerabilidad podr\u00eda representar un riesgo para los clientes que permiten que usuarios no administrativos inicien sesi\u00f3n en la consola local del entorno Windows que aloja el servidor de aplicaciones PaperCut NG/MF. Nota: Esta CVE se ha separado de CVE-2024-3037."
}
],
"id": "CVE-2024-8404",
"lastModified": "2024-10-03T15:19:28.293",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-26T02:15:02.797",
"references": [
{
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-May-2024/"
}
],
"sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-25 13:15
Modified
2024-11-21 08:17
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker to upload arbitrary files to the PaperCut NG host’s file storage. This could exhaust system resources and prevent the service from operating as expected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1E7B69-F906-49B6-A5AE-BC95E528AB81",
"versionEndExcluding": "22.1.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9EEC66-6455-4B4E-879D-7109E6E16199",
"versionEndExcluding": "22.1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker to upload arbitrary files to the PaperCut NG host\u2019s file storage. This could exhaust system resources and prevent the service from operating as expected.\n"
},
{
"lang": "es",
"value": "Existe una omisi\u00f3n de autenticaci\u00f3n en las versiones 22.0.12 y anteriores de PaperCut NG que podr\u00eda permitir a un atacante no remoto no autenticado cargar archivos arbitrarios en el almacenamiento del host de PaperCut NG. Esto podr\u00eda agotar los recursos del sistema e impedir que el servicio funcione como se espera. "
}
],
"id": "CVE-2023-3486",
"lastModified": "2024-11-21T08:17:22.333",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "vulnreport@tenable.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-25T13:15:10.330",
"references": [
{
"source": "vulnreport@tenable.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/"
},
{
"source": "vulnreport@tenable.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2023-23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2023-23"
}
],
"sourceIdentifier": "vulnreport@tenable.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "vulnreport@tenable.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-26 02:15
Modified
2024-10-03 00:51
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the web-print.exe process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can be used to flood disk space and result in a Denial of Service (DoS) attack.
Note:
This CVE has been split from CVE-2024-4712.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| eb41dac7-0af8-4f84-9f6d-0272772514f4 | https://www.papercut.com/kb/Main/Security-Bulletin-May-2024/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AE8A9B5-11C6-4FE2-B672-0EC6EF8075CC",
"versionEndExcluding": "23.0.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA96610E-7518-4215-B5FF-1B4444BE2DA4",
"versionEndExcluding": "23.0.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the web-print.exe process, which can incorrectly create files that don\u2019t exist when a maliciously formed payload is provided. This can be used to flood disk space and result in a Denial of Service (DoS) attack.\n\nNote: \n\nThis CVE has been split from CVE-2024-4712."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de creaci\u00f3n de archivos arbitrarios en PaperCut NG/MF que solo afecta a los servidores Windows con Web Print habilitado. Esta falla espec\u00edfica existe dentro del proceso web-print.exe, que puede crear incorrectamente archivos que no existen cuando se proporciona un payload malicioso. Esto se puede utilizar para inundar el espacio del disco y provocar un ataque de denegaci\u00f3n de servicio (DoS). Nota: esta CVE se ha separado de CVE-2024-4712."
}
],
"id": "CVE-2024-8405",
"lastModified": "2024-10-03T00:51:18.313",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 4.2,
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-26T02:15:03.007",
"references": [
{
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-May-2024/"
}
],
"sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-22 20:15
Modified
2025-01-09 15:46
Severity ?
Summary
PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability.
The specific flaw exists within the management of the print.script.sandboxed setting. The issue results from the exposure of a dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20965.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.papercut.com/kb/Main/SecurityBulletinJune2023/ | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-24-786/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_ng | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB63050-D74D-417B-9639-B81D3B789EE1",
"versionEndExcluding": "22.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the management of the print.script.sandboxed setting. The issue results from the exposure of a dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20965."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en la funci\u00f3n peligrosa print.script.sandboxed de PaperCut NG expuesta. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de PaperCut NG. Se requiere autenticaci\u00f3n para explotar esta vulnerabilidad. La falla espec\u00edfica existe dentro de la administraci\u00f3n de la configuraci\u00f3n print.script.sandboxed. El problema es el resultado de la exposici\u00f3n de una funci\u00f3n peligrosa. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de SYSTEM. Era ZDI-CAN-20965."
}
],
"id": "CVE-2023-39470",
"lastModified": "2025-01-09T15:46:02.227",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-11-22T20:15:05.487",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJune2023/"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-786/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-749"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-12-10 00:15
Modified
2025-01-30 14:55
Severity ?
Summary
A reflected cross-site scripting (XSS) vulnerability exists in PaperCut NG/MF. This issue can be used to execute specially created JavaScript payloads in the browser. A user must click on a malicious link for this issue to occur.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8AE5D47-8CB0-430E-B147-600B3A8ADEE0",
"versionEndExcluding": "24.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93771380-A071-496A-9219-72299310F2F6",
"versionEndExcluding": "24.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A reflected cross-site scripting (XSS) vulnerability exists in PaperCut NG/MF. This issue can be used to execute specially created JavaScript payloads in the browser. A user must click on a malicious link for this issue to occur."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de Cross Site Scripting (XSS) reflejado en PaperCut NG/MF. Este problema se puede aprovechar para ejecutar payloads de JavaScript manipuladas especialmente en el navegador. El usuario debe hacer clic en un enlace malicioso para que se produzca este problema."
}
],
"id": "CVE-2024-9672",
"lastModified": "2025-01-30T14:55:08.713",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW"
},
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
}
]
},
"published": "2024-12-10T00:15:22.893",
"references": [
{
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/security-bulletin-december-2024/"
}
],
"sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-917"
}
],
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-20 15:15
Modified
2024-11-21 07:58
Severity ?
8.4 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in
PaperCut NG/MF, which, under specific conditions, could potentially enable
an attacker to alter security settings or execute arbitrary code. This could
be exploited if the target is an admin with a current login session. Exploiting
this would typically involve the possibility of deceiving an admin into clicking
a specially crafted malicious link, potentially leading to unauthorized changes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | 22.0.10 | |
| papercut | papercut_ng | 22.0.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:22.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "17E90E69-B5B5-4F51-B478-CC4CF7B9440D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:22.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1E8F89-A578-499F-92BF-F3E71C5FDA4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Request Forgery (CSRF) vulnerability has been identified in\nPaperCut NG/MF, which, under specific conditions, could potentially enable\nan attacker to alter security settings or execute arbitrary code. This could\nbe exploited if the target is an admin with a current login session. Exploiting\nthis would typically involve the possibility of deceiving an admin into clicking\na specially crafted malicious link, potentially leading to unauthorized changes.\n"
}
],
"id": "CVE-2023-2533",
"lastModified": "2024-11-21T07:58:47.400",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 6.0,
"source": "help@fluidattacks.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-20T15:15:11.560",
"references": [
{
"source": "help@fluidattacks.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://fluidattacks.com/advisories/arcangel/"
},
{
"source": "help@fluidattacks.com",
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJune2023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://fluidattacks.com/advisories/arcangel/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJune2023"
}
],
"sourceIdentifier": "help@fluidattacks.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "help@fluidattacks.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-02-20 04:29
Modified
2024-11-21 04:50
Severity ?
Summary
PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user interface, aka PC-15163.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.papercut.com/products/mf/release-history/ | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://www.papercut.com/products/ng/release-history/ | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.papercut.com/products/mf/release-history/ | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.papercut.com/products/ng/release-history/ | Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE939C2-CC56-460B-B6B0-DAEF4E77F4DA",
"versionEndExcluding": "18.3.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE4ED3A9-9771-4AB3-8F82-74B0BCA485D5",
"versionEndExcluding": "18.3.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user interface, aka PC-15163."
},
{
"lang": "es",
"value": "PaperCut MF, en versiones anteriores a la 18.3.6, y PaperCut NG, en versiones anteriores a la 18.3.6, permiten la inyecci\u00f3n de scripts mediante la interfaz de usuario, tambi\u00e9n conocida como PC-15163."
}
],
"id": "CVE-2019-8948",
"lastModified": "2024-11-21T04:50:43.247",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-02-20T04:29:00.297",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.papercut.com/products/mf/release-history/"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.papercut.com/products/ng/release-history/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.papercut.com/products/mf/release-history/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.papercut.com/products/ng/release-history/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-03 03:15
Modified
2025-01-30 14:53
Severity ?
Summary
PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability.
The specific flaw exists within the External User Lookup functionality. The issue results from the lack of proper validation of a user-supplied string before using it to execute Java code. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21013.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/ | Related, Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-23-1285/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/ | Related, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-23-1285/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E017C8AB-3DE6-4506-8F25-95DCD901FFAE",
"versionEndExcluding": "22.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FB63050-D74D-417B-9639-B81D3B789EE1",
"versionEndExcluding": "22.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the External User Lookup functionality. The issue results from the lack of proper validation of a user-supplied string before using it to execute Java code. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21013."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de inyecci\u00f3n de c\u00f3digo de b\u00fasqueda de usuario externo de PaperCut NG. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de PaperCut NG. Se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro de la funcionalidad de b\u00fasqueda de usuarios externos. El problema se debe a la falta de validaci\u00f3n adecuada de una cadena proporcionada por el usuario antes de usarla para ejecutar c\u00f3digo Java. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de SYSTEM. Era ZDI-CAN-21013."
}
],
"id": "CVE-2023-39469",
"lastModified": "2025-01-30T14:53:12.927",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-05-03T03:15:12.730",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Related",
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1285/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Related",
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1285/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-14 15:39
Modified
2025-01-27 18:05
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege code directly on the server.
Important: In most installations, this risk is mitigated by the default Windows Server configuration, which typically restricts local login access to Administrators only. However, this vulnerability could pose a risk to customers who allow non-administrative users to log in to the local console of the Windows environment hosting the PaperCut NG/MF application server.
Note: This CVE has been split into two separate CVEs (CVE-2024-3037 and CVE-2024-8404) and it’s been rescored with a "Privileges Required (PR)" rating of low, and “Attack Complexity (AC)” rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard users on the host server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AE8A9B5-11C6-4FE2-B672-0EC6EF8075CC",
"versionEndExcluding": "23.0.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA96610E-7518-4215-B5FF-1B4444BE2DA4",
"versionEndExcluding": "23.0.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege code directly on the server. \n\nImportant: In most installations, this risk is mitigated by the default Windows Server configuration, which typically restricts local login access to Administrators only. However, this vulnerability could pose a risk to customers who allow non-administrative users to log in to the local console of the Windows environment hosting the PaperCut NG/MF application server.\n\nNote: This CVE has been split into two separate CVEs (CVE-2024-3037 and CVE-2024-8404) and it\u2019s been rescored with a \"Privileges Required (PR)\" rating of low, and \u201cAttack Complexity (AC)\u201d rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard users on the host server."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de eliminaci\u00f3n arbitraria de archivos en PaperCut NG/MF que solo afecta a los servidores Windows con Web Print habilitado. Esta vulnerabilidad requiere acceso a la consola o inicio de sesi\u00f3n local al servidor PaperCut NG/MF (por ejemplo, miembro de un grupo de administraci\u00f3n de dominio)."
}
],
"id": "CVE-2024-3037",
"lastModified": "2025-01-27T18:05:07.223",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-05-14T15:39:48.660",
"references": [
{
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-May-2024/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/security-bulletin-may-2024/"
}
],
"sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-552"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-20 16:15
Modified
2024-11-21 07:52
Severity ?
Summary
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class. The issue results from improper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19226.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.papercut.com/kb/Main/PO-1216-and-PO-1219 | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-23-232/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.papercut.com/kb/Main/PO-1216-and-PO-1219 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-23-232/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87F5547A-059F-46A7-A8DB-0613BEF043A5",
"versionEndExcluding": "20.1.7",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D231C34-F58C-4CA1-B158-64778AC17991",
"versionEndExcluding": "21.2.11",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A326E88D-635E-4AC1-B5CE-455306FC9D55",
"versionEndExcluding": "22.0.9",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EDC8CF8-64FB-4A9A-95FB-F0F5AEB98CC9",
"versionEndExcluding": "20.1.7",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE19845-02F0-4BB9-BECB-49B34FACB55D",
"versionEndExcluding": "21.2.11",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1852E7B-0B3F-4208-A26E-CB117E0C0CD8",
"versionEndExcluding": "22.0.9",
"versionStartIncluding": "22.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class. The issue results from improper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19226."
}
],
"id": "CVE-2023-27351",
"lastModified": "2024-11-21T07:52:43.087",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-20T16:15:07.723",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/PO-1216-and-PO-1219"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-232/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/PO-1216-and-PO-1219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-232/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-14 04:15
Modified
2025-01-23 20:30
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the PaperCut NG/MF application server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| apple | macos | - | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87E57A99-6580-4C5D-AD49-2C77153698B5",
"versionEndExcluding": "20.1.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC862C5A-C51D-455A-BA4C-62AF4B5593D6",
"versionEndExcluding": "21.2.14",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B444455-3DE9-4268-AED3-9457016B833F",
"versionEndExcluding": "22.1.5",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06311316-1937-41A4-BEE2-57F7C4F6B6BC",
"versionEndExcluding": "23.0.7",
"versionStartIncluding": "23.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A1BAB4-D3AC-4A06-B2AB-E46DED8CB19D",
"versionEndExcluding": "20.1.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "570DCFBC-7689-4E77-A8BF-8F310545EDE3",
"versionEndExcluding": "21.2.14",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "728ECAA8-FE3E-4F6D-8862-AF0C100C6699",
"versionEndExcluding": "22.1.5",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7155AC1E-E4C8-4EF5-B593-7C924AF0C625",
"versionEndExcluding": "23.0.7",
"versionStartIncluding": "23.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the PaperCut NG/MF application server."
},
{
"lang": "es",
"value": "Esta vulnerabilidad permite que un usuario administrador ya autenticado cree un payload malicioso que podr\u00eda aprovecharse para la ejecuci\u00f3n remota de c\u00f3digo en el servidor que aloja el servidor de aplicaciones PaperCut NG/MF."
}
],
"id": "CVE-2024-1882",
"lastModified": "2025-01-23T20:30:14.080",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-14T04:15:08.003",
"references": [
{
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-76"
}
],
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-14 03:15
Modified
2025-01-23 20:29
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| apple | macos | - | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87E57A99-6580-4C5D-AD49-2C77153698B5",
"versionEndExcluding": "20.1.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC862C5A-C51D-455A-BA4C-62AF4B5593D6",
"versionEndExcluding": "21.2.14",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B444455-3DE9-4268-AED3-9457016B833F",
"versionEndExcluding": "22.1.5",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06311316-1937-41A4-BEE2-57F7C4F6B6BC",
"versionEndExcluding": "23.0.7",
"versionStartIncluding": "23.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A1BAB4-D3AC-4A06-B2AB-E46DED8CB19D",
"versionEndExcluding": "20.1.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "570DCFBC-7689-4E77-A8BF-8F310545EDE3",
"versionEndExcluding": "21.2.14",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "728ECAA8-FE3E-4F6D-8862-AF0C100C6699",
"versionEndExcluding": "22.1.5",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7155AC1E-E4C8-4EF5-B593-7C924AF0C625",
"versionEndExcluding": "23.0.7",
"versionStartIncluding": "23.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this. "
},
{
"lang": "es",
"value": "Esta vulnerabilidad permite potencialmente operaciones de escritura no autorizadas que pueden conducir a la ejecuci\u00f3n remota de c\u00f3digo. Un atacante ya debe tener acceso de administrador autenticado y conocimiento tanto de un identificador interno del sistema como de los detalles de otro usuario v\u00e1lido para explotar esto."
}
],
"id": "CVE-2024-1654",
"lastModified": "2025-01-23T20:29:56.217",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-14T03:15:08.033",
"references": [
{
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-183"
}
],
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-14 04:15
Modified
2025-01-23 21:06
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server. An attacker can exploit this weakness by crafting a malicious URL that contains a script. When an unsuspecting user clicks on this malicious link, it could potentially lead to limited loss of confidentiality, integrity or availability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| apple | macos | - | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87E57A99-6580-4C5D-AD49-2C77153698B5",
"versionEndExcluding": "20.1.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC862C5A-C51D-455A-BA4C-62AF4B5593D6",
"versionEndExcluding": "21.2.14",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B444455-3DE9-4268-AED3-9457016B833F",
"versionEndExcluding": "22.1.5",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06311316-1937-41A4-BEE2-57F7C4F6B6BC",
"versionEndExcluding": "23.0.7",
"versionStartIncluding": "23.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A1BAB4-D3AC-4A06-B2AB-E46DED8CB19D",
"versionEndExcluding": "20.1.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "570DCFBC-7689-4E77-A8BF-8F310545EDE3",
"versionEndExcluding": "21.2.14",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "728ECAA8-FE3E-4F6D-8862-AF0C100C6699",
"versionEndExcluding": "22.1.5",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7155AC1E-E4C8-4EF5-B593-7C924AF0C625",
"versionEndExcluding": "23.0.7",
"versionStartIncluding": "23.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server. An attacker can exploit this weakness by crafting a malicious URL that contains a script. When an unsuspecting user clicks on this malicious link, it could potentially lead to limited loss of confidentiality, integrity or availability."
},
{
"lang": "es",
"value": "Esta es una vulnerabilidad de Cross Site Scripting reflejada en el servidor de aplicaciones PaperCut NG/MF. Un atacante puede aprovechar esta debilidad creando una URL maliciosa que contenga un script. Cuando un usuario desprevenido hace clic en este enlace malicioso, podr\u00eda provocar una p\u00e9rdida limitada de confidencialidad, integridad o disponibilidad."
}
],
"id": "CVE-2024-1883",
"lastModified": "2025-01-23T21:06:04.687",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-14T04:15:08.353",
"references": [
{
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-76"
}
],
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-14 03:15
Modified
2025-01-23 20:29
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
This vulnerability potentially allows unauthorized enumeration of information from the embedded device APIs. An attacker must already have existing knowledge of some combination of valid usernames, device names and an internal system key. For such an attack to be successful the system must be in a specific runtime state.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| apple | macos | - | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87E57A99-6580-4C5D-AD49-2C77153698B5",
"versionEndExcluding": "20.1.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC862C5A-C51D-455A-BA4C-62AF4B5593D6",
"versionEndExcluding": "21.2.14",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B444455-3DE9-4268-AED3-9457016B833F",
"versionEndExcluding": "22.1.5",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06311316-1937-41A4-BEE2-57F7C4F6B6BC",
"versionEndExcluding": "23.0.7",
"versionStartIncluding": "23.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A1BAB4-D3AC-4A06-B2AB-E46DED8CB19D",
"versionEndExcluding": "20.1.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "570DCFBC-7689-4E77-A8BF-8F310545EDE3",
"versionEndExcluding": "21.2.14",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "728ECAA8-FE3E-4F6D-8862-AF0C100C6699",
"versionEndExcluding": "22.1.5",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7155AC1E-E4C8-4EF5-B593-7C924AF0C625",
"versionEndExcluding": "23.0.7",
"versionStartIncluding": "23.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability potentially allows unauthorized enumeration of information from the embedded device APIs. An attacker must already have existing knowledge of some combination of valid usernames, device names and an internal system key. For such an attack to be successful the system must be in a specific runtime state."
},
{
"lang": "es",
"value": "Esta vulnerabilidad permite potencialmente la enumeraci\u00f3n no autorizada de informaci\u00f3n de las API del dispositivo integrado. Un atacante ya debe tener conocimiento de alguna combinaci\u00f3n de nombres de usuario v\u00e1lidos, nombres de dispositivos y una clave interna del sistema. Para que un ataque de este tipo tenga \u00e9xito, el sistema debe estar en un estado de ejecuci\u00f3n espec\u00edfico."
}
],
"id": "CVE-2024-1223",
"lastModified": "2025-01-23T20:29:14.543",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5,
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-14T03:15:07.580",
"references": [
{
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-488"
}
],
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-14 04:15
Modified
2024-11-21 08:42
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must have local write access to the C Drive. In addition, Print Archiving must be enabled or the attacker needs to encounter a misconfigured system. This vulnerability does not apply to PaperCut NG installs that have Print Archiving enabled and configured as per the recommended set up procedure. This specific flaw exists within the pc-pdl-to-image process. The process loads an executable from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM
Note: This CVE has been rescored with a "Privileges Required (PR)" rating of low, and “Attack Complexity (AC)” rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C90A3C1C-5F05-4FA3-89D6-8A6D0A17664B",
"versionEndExcluding": "23.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D754F687-4EFB-4B04-96CE-C78C30B527FB",
"versionEndExcluding": "23.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must have local write access to the C Drive. In addition, Print Archiving must be enabled or the attacker needs to encounter a misconfigured system. This vulnerability does not apply to PaperCut NG installs that have Print Archiving enabled and configured as per the recommended set up procedure. This specific flaw exists within the pc-pdl-to-image process. The process loads an executable from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM\n\nNote: This CVE has been rescored with a \"Privileges Required (PR)\" rating of low, and \u201cAttack Complexity (AC)\u201d rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server."
},
{
"lang": "es",
"value": "Esta vulnerabilidad permite a atacantes locales escalar privilegios en las instalaciones afectadas de PaperCut NG. Un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con pocos privilegios en el sistema de destino para poder aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro del proceso pc-pdl-to-image. El proceso carga un ejecutable desde una ubicaci\u00f3n no segura. Un atacante puede aprovechar esta vulnerabilidad para escalar privilegios y ejecutar c\u00f3digo arbitrario en el contexto de SYSTEM."
}
],
"id": "CVE-2023-6006",
"lastModified": "2024-11-21T08:42:57.983",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-14T04:15:07.850",
"references": [
{
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-November-2023/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.papercut.com/kb/Main/CommonSecurityQuestions/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-November-2023/"
}
],
"sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-250"
}
],
"source": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-22 14:23
Modified
2024-11-21 02:06
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_mf | 12.0 | |
| papercut | papercut_mf | 12.1 | |
| papercut | papercut_mf | 12.2 | |
| papercut | papercut_mf | 12.3 | |
| papercut | papercut_mf | 12.4 | |
| papercut | papercut_mf | 12.5 | |
| papercut | papercut_mf | 13.0 | |
| papercut | papercut_mf | 13.1 | |
| papercut | papercut_mf | 13.2 | |
| papercut | papercut_mf | 13.3 | |
| papercut | papercut_mf | 13.4 | |
| papercut | papercut_mf | 13.5 | |
| papercut | papercut_mf | 14.0 | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | 12.0 | |
| papercut | papercut_ng | 12.1 | |
| papercut | papercut_ng | 12.2 | |
| papercut | papercut_ng | 12.3 | |
| papercut | papercut_ng | 12.4 | |
| papercut | papercut_ng | 12.5 | |
| papercut | papercut_ng | 13.0 | |
| papercut | papercut_ng | 13.1 | |
| papercut | papercut_ng | 13.2 | |
| papercut | papercut_ng | 13.3 | |
| papercut | papercut_ng | 13.4 | |
| papercut | papercut_ng | 13.5 | |
| papercut | papercut_ng | 14.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C39F2093-2205-4065-930D-433B45C6F868",
"versionEndIncluding": "14.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF398E65-476C-41C5-9C96-243740F1B429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "322A6E60-374D-437D-9F7F-C0DE19894279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DECB5F11-6E2B-42B6-8964-83EA876BF735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4A31AA18-E4C0-4173-9461-2A51723C001C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "22BBE05F-26E5-417D-8841-9A2E47D040CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D14BAE3F-FA54-4495-BE0C-913CC76E4B63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D05483BC-AF45-4A20-93F1-7B9CA6ED104D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "661D8595-B0C2-4B81-A921-18031B681B4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "851320F4-8239-482C-A164-1372D7C6AAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1429B0AE-F0BB-4770-B8AB-26CA0BBD9975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8966A5-3C9E-42DB-92A9-74975E6957FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B2F6E5F3-FDED-47C6-91D4-6FC6317E4DFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3266B2-CBDC-432D-ACBA-FDF293368FB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "159145D0-A4ED-4F74-9A1F-6BBB2CC7568A",
"versionEndIncluding": "14.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "43F90D1A-6523-4EA2-BD70-3230E01A66E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DD91C180-D7F1-43BE-8472-5E72DF27993E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C2464601-F136-410A-862F-2273B1782AC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "419FEFF8-A892-403C-BF8A-304272EE16D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D02D413C-693E-45B9-83A4-CBFA844FEBB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5C8A222F-CEEF-481A-BE3C-0D736CE64A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8B6C4B24-3F7E-48C8-9FE6-5DBFEB4425A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "10E34435-E2C8-417A-9950-FECD267DEA27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30875001-1705-4B52-8DC2-6898DAE23BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B66EF4D7-6BBE-4A71-A887-59105AFBEE6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2620A163-36DD-4D89-8044-893B1A4E823B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00A6BA83-BF06-4E4A-A474-0AB98C55F3D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9025F2-7C5C-4FC9-A239-584215618239",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de CSRF en la interfaz de usuario de administraci\u00f3n en Papercut MF y NG anterior a 14.1 (Build 26983) permite a atacantes remotos secuestrar la autenticaci\u00f3n de administradores a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-2659",
"lastModified": "2024-11-21T02:06:44.640",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-04-22T14:23:35.910",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/58037"
},
{
"source": "cve@mitre.org",
"url": "http://www.papercut-mf.com/release-history/"
},
{
"source": "cve@mitre.org",
"url": "http://www.papercut.com/release-history/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92648"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/58037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.papercut-mf.com/release-history/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.papercut.com/release-history/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92648"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-20 16:15
Modified
2025-02-07 14:59
Severity ?
Summary
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_mf | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * | |
| papercut | papercut_ng | * |
{
"cisaActionDue": "2023-05-12",
"cisaExploitAdd": "2023-04-21",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "PaperCut MF/NG Improper Access Control Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E225189C-FF05-402B-A8F6-6BCC8D062B8C",
"versionEndExcluding": "20.1.7",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D231C34-F58C-4CA1-B158-64778AC17991",
"versionEndExcluding": "21.2.11",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A326E88D-635E-4AC1-B5CE-455306FC9D55",
"versionEndExcluding": "22.0.9",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5D942B-C055-4221-8FD7-3F0F252931E4",
"versionEndExcluding": "20.1.7",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE19845-02F0-4BB9-BECB-49B34FACB55D",
"versionEndExcluding": "21.2.11",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1852E7B-0B3F-4208-A26E-CB117E0C0CD8",
"versionEndExcluding": "22.0.9",
"versionStartIncluding": "22.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987."
}
],
"id": "CVE-2023-27350",
"lastModified": "2025-02-07T14:59:06.530",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-20T16:15:07.653",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/171982/PaperCut-MF-NG-Authentication-Bypass-Remote-Code-Execution.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/172022/PaperCut-NG-MG-22.0.4-Authentication-Bypass.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/172512/PaperCut-NG-MG-22.0.4-Remote-Code-Execution.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/172780/PaperCut-PaperCutNG-Authentication-Bypass.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://news.sophos.com/en-us/2023/04/27/increased-exploitation-of-papercut-drawing-blood-around-the-internet/"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/PO-1216-and-PO-1219"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-233/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/171982/PaperCut-MF-NG-Authentication-Bypass-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/172022/PaperCut-NG-MG-22.0.4-Authentication-Bypass.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/172512/PaperCut-NG-MG-22.0.4-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/172780/PaperCut-PaperCutNG-Authentication-Bypass.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://news.sophos.com/en-us/2023/04/27/increased-exploitation-of-papercut-drawing-blood-around-the-internet/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.papercut.com/kb/Main/PO-1216-and-PO-1219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-233/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2024-3037
Vulnerability from cvelistv5
Published
2024-05-14 00:12
Modified
2024-10-07 20:27
Severity ?
EPSS score ?
Summary
An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege code directly on the server.
Important: In most installations, this risk is mitigated by the default Windows Server configuration, which typically restricts local login access to Administrators only. However, this vulnerability could pose a risk to customers who allow non-administrative users to log in to the local console of the Windows environment hosting the PaperCut NG/MF application server.
Note: This CVE has been split into two separate CVEs (CVE-2024-3037 and CVE-2024-8404) and it’s been rescored with a "Privileges Required (PR)" rating of low, and “Attack Complexity (AC)” rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard users on the host server.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut NG, PaperCut MF |
Version: 0 < 23.0.9 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:32:42.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/security-bulletin-may-2024/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "papercut_ng",
"vendor": "papercut",
"versions": [
{
"lessThan": "23.0.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "papercut_mf",
"vendor": "papercut",
"versions": [
{
"lessThan": "23.0.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3037",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T20:25:16.955265Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T20:27:00.841Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Web Print"
],
"platforms": [
"Windows"
],
"product": "PaperCut NG, PaperCut MF",
"vendor": "PaperCut",
"versions": [
{
"changes": [
{
"at": "23.0.9",
"status": "unaffected"
}
],
"lessThan": "23.0.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nicholas Zubrisky (@NZubrisky)"
},
{
"lang": "en",
"type": "finder",
"value": "Michael DePlante(@izobashi) of Trend Micro\u0027s ZDI"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eAn arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege code directly on the server. \u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eImportant: In most installations, this risk is mitigated by the default Windows Server configuration, which typically restricts local login access to Administrators only. However, this vulnerability could pose a risk to customers who allow non-administrative users to log in to the local console of the Windows environment hosting the PaperCut NG/MF application server.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eNote: This CVE has been split into two separate CVEs (CVE-2024-3037 and CVE-2024-8404) and it\u2019s been rescored with a \"Privileges Required (PR)\" rating of low, and \u201cAttack Complexity (AC)\u201d rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard users on the host server.\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege code directly on the server. \n\nImportant: In most installations, this risk is mitigated by the default Windows Server configuration, which typically restricts local login access to Administrators only. However, this vulnerability could pose a risk to customers who allow non-administrative users to log in to the local console of the Windows environment hosting the PaperCut NG/MF application server.\n\nNote: This CVE has been split into two separate CVEs (CVE-2024-3037 and CVE-2024-8404) and it\u2019s been rescored with a \"Privileges Required (PR)\" rating of low, and \u201cAttack Complexity (AC)\u201d rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard users on the host server."
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T01:15:01.885Z",
"orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"shortName": "PaperCut"
},
"references": [
{
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-May-2024/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary File Deletion in PaperCut NG/MF Web Print",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"assignerShortName": "PaperCut",
"cveId": "CVE-2024-3037",
"datePublished": "2024-05-14T00:12:37.696Z",
"dateReserved": "2024-03-28T04:33:02.602Z",
"dateUpdated": "2024-10-07T20:27:00.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-3486
Vulnerability from cvelistv5
Published
2023-07-25 12:50
Modified
2024-10-23 19:02
Severity ?
EPSS score ?
Summary
An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker to upload arbitrary files to the PaperCut NG host’s file storage. This could exhaust system resources and prevent the service from operating as expected.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut NG |
Version: 0 < 22.1.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:55:03.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2023-23"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3486",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T19:02:44.379787Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T19:02:59.209Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PaperCut NG",
"vendor": "PaperCut",
"versions": [
{
"lessThan": "22.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-07-25T12:51:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eAn authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker to upload arbitrary files to the PaperCut NG host\u2019s file storage. This could exhaust system resources and prevent the service from operating as expected.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker to upload arbitrary files to the PaperCut NG host\u2019s file storage. This could exhaust system resources and prevent the service from operating as expected.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-26T13:35:28.378Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://www.tenable.com/security/research/tra-2023-23"
},
{
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "PaperCut NG Unauthenticated File Upload",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2023-3486",
"datePublished": "2023-07-25T12:50:42.477Z",
"dateReserved": "2023-06-30T18:26:50.920Z",
"dateUpdated": "2024-10-23T19:02:59.209Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-1884
Vulnerability from cvelistv5
Published
2024-03-14 03:11
Modified
2024-08-28 15:12
Severity ?
EPSS score ?
Summary
This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side module that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut NG, PaperCut MF |
Version: 0 < 23.0.7 Version: 0 < 22.1.5 Version: 0 < 21.2.14 Version: 0 < 20.1.10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:56:22.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "papercut_ng",
"vendor": "papercut",
"versions": [
{
"lessThan": "23.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "22.1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "21.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "20.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "papercut_mf",
"vendor": "papercut",
"versions": [
{
"lessThan": "23.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "22.1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "21.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "20.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1884",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-14T15:43:10.845115Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T15:12:02.085Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"MacOS",
"Linux",
"Windows"
],
"product": "PaperCut NG, PaperCut MF",
"vendor": "PaperCut",
"versions": [
{
"changes": [
{
"at": "23.0.7",
"status": "unaffected"
}
],
"lessThan": "23.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "22.1.5",
"status": "unaffected"
}
],
"lessThan": "22.1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "21.2.14",
"status": "unaffected"
}
],
"lessThan": "21.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "20.1.10",
"status": "unaffected"
}
],
"lessThan": "20.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side module that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker\u0027s choosing."
}
],
"value": "This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side module that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker\u0027s choosing."
}
],
"impacts": [
{
"capecId": "CAPEC-664",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-664 Server-Side Request Forgery (SSRF)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-14T03:11:48.197Z",
"orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"shortName": "PaperCut"
},
"references": [
{
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Server Side Request Forgery in PaperCut NG/MF",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"assignerShortName": "PaperCut",
"cveId": "CVE-2024-1884",
"datePublished": "2024-03-14T03:11:48.197Z",
"dateReserved": "2024-02-26T05:36:24.198Z",
"dateUpdated": "2024-08-28T15:12:02.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-1221
Vulnerability from cvelistv5
Published
2024-03-14 03:01
Modified
2024-09-26 03:46
Severity ?
EPSS score ?
Summary
This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a specifically formed payload against the impacted API endpoint. The attacker must carry out some reconnaissance to gain knowledge of a system token. This CVE only affects Linux and macOS PaperCut NG/MF servers.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut NG, PaperCut MF |
Version: 0 < 23.0.7 Version: 0 < 22.1.5 Version: 0 < 21.2.14 Version: 0 < 20.1.10 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1221",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-15T15:25:34.441612Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:59:42.267Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:33:25.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"MacOS",
"Linux"
],
"product": "PaperCut NG, PaperCut MF",
"vendor": "PaperCut",
"versions": [
{
"changes": [
{
"at": "23.0.7",
"status": "unaffected"
}
],
"lessThan": "23.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "22.1.5",
"status": "unaffected"
}
],
"lessThan": "22.1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "21.2.14",
"status": "unaffected"
}
],
"lessThan": "21.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "20.1.10",
"status": "unaffected"
}
],
"lessThan": "20.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eThis vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a specifically formed payload against the impacted API endpoint. The attacker must carry out some reconnaissance to gain knowledge of a system token. This CVE only affects Linux and macOS PaperCut NG/MF servers.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a specifically formed payload against the impacted API endpoint. The attacker must carry out some reconnaissance to gain knowledge of a system token. This CVE only affects Linux and macOS PaperCut NG/MF servers."
}
],
"impacts": [
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131 Resource Leak Exposure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-76",
"description": "CWE-76 Improper Neutralization of Equivalent Special Elements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T03:46:19.820Z",
"orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"shortName": "PaperCut"
},
"references": [
{
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper access controls on APIs on Linux and macOS in PaperCut NG/MF",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"assignerShortName": "PaperCut",
"cveId": "CVE-2024-1221",
"datePublished": "2024-03-14T03:01:05.179Z",
"dateReserved": "2024-02-05T04:33:58.615Z",
"dateUpdated": "2024-09-26T03:46:19.820Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-8405
Vulnerability from cvelistv5
Published
2024-09-26 01:36
Modified
2024-09-26 15:02
Severity ?
EPSS score ?
Summary
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the web-print.exe process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can be used to flood disk space and result in a Denial of Service (DoS) attack.
Note:
This CVE has been split from CVE-2024-4712.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut NG, PaperCut MF |
Version: 0 < 23.0.9 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8405",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T15:01:57.724249Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:02:10.145Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Web Print"
],
"platforms": [
"Windows"
],
"product": "PaperCut NG, PaperCut MF",
"vendor": "PaperCut",
"versions": [
{
"changes": [
{
"at": "23.0.9",
"status": "unaffected"
}
],
"lessThan": "23.0.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Amol Dosanjh of Trend Micro"
}
],
"datePublic": "2024-09-26T01:35:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eAn arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003eThis specific flaw exists within the web-print.exe process, which can incorrectly create files that don\u2019t exist when a maliciously formed payload is provided. This can be used to flood disk space and result in a Denial of Service (DoS) attack.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eNote: \u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eThis CVE has been split from CVE-2024-4712.\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the web-print.exe process, which can incorrectly create files that don\u2019t exist when a maliciously formed payload is provided. This can be used to flood disk space and result in a Denial of Service (DoS) attack.\n\nNote: \n\nThis CVE has been split from CVE-2024-4712."
}
],
"impacts": [
{
"capecId": "CAPEC-125",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-125 Flooding"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T01:36:26.364Z",
"orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"shortName": "PaperCut"
},
"references": [
{
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-May-2024/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary File Creation in PaperCut NG/MF Web Print leading to a Denial of Service attack",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"assignerShortName": "PaperCut",
"cveId": "CVE-2024-8405",
"datePublished": "2024-09-26T01:36:26.364Z",
"dateReserved": "2024-09-04T05:55:45.849Z",
"dateUpdated": "2024-09-26T15:02:10.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-1654
Vulnerability from cvelistv5
Published
2024-03-14 03:06
Modified
2024-08-01 18:48
Severity ?
EPSS score ?
Summary
This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut NG, PaperCut MF |
Version: 0 < 23.0.7 Version: 0 < 22.1.5 Version: 0 < 21.2.14 Version: 0 < 20.1.10 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "papercut_mf",
"vendor": "papercut",
"versions": [
{
"lessThan": "23.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "22.1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "21.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "20.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "papercut_ng",
"vendor": "papercut",
"versions": [
{
"lessThan": "23.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "22.1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "21.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "20.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1654",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-16T04:00:54.272578Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-25T16:04:21.347Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:48:21.853Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"MacOS",
"Linux",
"Windows"
],
"product": "PaperCut NG, PaperCut MF",
"vendor": "PaperCut",
"versions": [
{
"changes": [
{
"at": "23.0.7",
"status": "unaffected"
}
],
"lessThan": "23.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "22.1.5",
"status": "unaffected"
}
],
"lessThan": "22.1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "21.2.14",
"status": "unaffected"
}
],
"lessThan": "21.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "20.1.10",
"status": "unaffected"
}
],
"lessThan": "20.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this. "
}
],
"value": "This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this. "
}
],
"impacts": [
{
"capecId": "CAPEC-253",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-253 Remote Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-183",
"description": "CWE-183 Permissive List of Allowed Inputs",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-14T03:06:54.867Z",
"orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"shortName": "PaperCut"
},
"references": [
{
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthorized write operations in PaperCut NG/MF",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"assignerShortName": "PaperCut",
"cveId": "CVE-2024-1654",
"datePublished": "2024-03-14T03:06:54.867Z",
"dateReserved": "2024-02-20T02:23:09.252Z",
"dateUpdated": "2024-08-01T18:48:21.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-8404
Vulnerability from cvelistv5
Published
2024-09-26 01:42
Modified
2024-09-26 15:01
Severity ?
EPSS score ?
Summary
An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege code directly on the server via the web-print-hot-folder.
Important: In most installations, this risk is mitigated by the default Windows Server configuration, which restricts local login access to Administrators only. However, this vulnerability could pose a risk to customers who allow non-administrative users to log into the local console of the Windows environment hosting the PaperCut NG/MF application server.
Note:
This CVE has been split from CVE-2024-3037.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut NG, PaperCut MF |
Version: 0 < 23.0.9 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "papercut_mf",
"vendor": "papercut",
"versions": [
{
"lessThan": "23.0.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "papercut_ng",
"vendor": "papercut",
"versions": [
{
"lessThan": "23.0.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8404",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:59:11.788417Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T15:01:21.951Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Web Print"
],
"platforms": [
"Windows"
],
"product": "PaperCut NG, PaperCut MF",
"vendor": "PaperCut",
"versions": [
{
"changes": [
{
"at": "23.0.9",
"status": "unaffected"
}
],
"lessThan": "23.0.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Amol Dosanjh of Trend Micro"
},
{
"lang": "en",
"type": "finder",
"value": "Nicholas Zubrisky (@NZubrisky) of Trend Micro"
},
{
"lang": "en",
"type": "finder",
"value": "Michael DePlante (@izobashi) of Trend Micro\u0027s ZDI"
}
],
"datePublic": "2024-09-26T01:35:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eAn arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege code directly on the server via the web-print-hot-folder. \u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eImportant: In most installations, this risk is mitigated by the default Windows Server configuration, which restricts local login access to Administrators only. However, this vulnerability could pose a risk to customers who allow non-administrative users to log into the local console of the Windows environment hosting the PaperCut NG/MF application server.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eNote: \u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eThis CVE has been split from CVE-2024-3037.\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege code directly on the server via the web-print-hot-folder. \n\nImportant: In most installations, this risk is mitigated by the default Windows Server configuration, which restricts local login access to Administrators only. However, this vulnerability could pose a risk to customers who allow non-administrative users to log into the local console of the Windows environment hosting the PaperCut NG/MF application server.\n\nNote: \n\nThis CVE has been split from CVE-2024-3037."
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T01:42:49.400Z",
"orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"shortName": "PaperCut"
},
"references": [
{
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-May-2024/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary File Deletion in PaperCut NG/MF Web Print Hot folder",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"assignerShortName": "PaperCut",
"cveId": "CVE-2024-8404",
"datePublished": "2024-09-26T01:42:49.400Z",
"dateReserved": "2024-09-04T05:55:44.460Z",
"dateUpdated": "2024-09-26T15:01:21.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-1882
Vulnerability from cvelistv5
Published
2024-03-14 03:08
Modified
2024-09-26 03:52
Severity ?
EPSS score ?
Summary
This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the PaperCut NG/MF application server.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut NG, PaperCut MF |
Version: 0 < 23.0.7 Version: 0 < 22.1.5 Version: 0 < 21.2.14 Version: 0 < 20.1.10 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "papercut_ng",
"vendor": "papercut",
"versions": [
{
"lessThan": "23.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "22.1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "21.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "20.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "papercut_mf",
"vendor": "papercut",
"versions": [
{
"lessThan": "23.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "22.1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "21.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "20.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1882",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-16T04:00:55.398174Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-25T16:02:52.603Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:56:22.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"MacOS",
"Linux",
"Windows"
],
"product": "PaperCut NG, PaperCut MF",
"vendor": "PaperCut",
"versions": [
{
"changes": [
{
"at": "23.0.7",
"status": "unaffected"
}
],
"lessThan": "23.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "22.1.5",
"status": "unaffected"
}
],
"lessThan": "22.1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "21.2.14",
"status": "unaffected"
}
],
"lessThan": "21.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "20.1.10",
"status": "unaffected"
}
],
"lessThan": "20.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the PaperCut NG/MF application server.\u003cbr\u003e"
}
],
"value": "This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the PaperCut NG/MF application server."
}
],
"impacts": [
{
"capecId": "CAPEC-253",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-253 Remote Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-76",
"description": "CWE-76 Improper Neutralization of Equivalent Special Elements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T03:52:57.154Z",
"orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"shortName": "PaperCut"
},
"references": [
{
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Server-side resource injection in PaperCut NG/MF",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"assignerShortName": "PaperCut",
"cveId": "CVE-2024-1882",
"datePublished": "2024-03-14T03:08:17.914Z",
"dateReserved": "2024-02-26T05:36:21.950Z",
"dateUpdated": "2024-09-26T03:52:57.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-1223
Vulnerability from cvelistv5
Published
2024-03-14 03:04
Modified
2024-09-26 03:50
Severity ?
EPSS score ?
Summary
This vulnerability potentially allows unauthorized enumeration of information from the embedded device APIs. An attacker must already have existing knowledge of some combination of valid usernames, device names and an internal system key. For such an attack to be successful the system must be in a specific runtime state.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut NG, PaperCut MF |
Version: 0 < 23.0.7 Version: 0 < 22.1.5 Version: 0 < 21.2.14 Version: 0 < 20.1.10 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1223",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-14T15:32:53.951317Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T18:01:22.597Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:33:25.230Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"MacOS",
"Linux",
"Windows"
],
"product": "PaperCut NG, PaperCut MF",
"vendor": "PaperCut",
"versions": [
{
"changes": [
{
"at": "23.0.7",
"status": "unaffected"
}
],
"lessThan": "23.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "22.1.5",
"status": "unaffected"
}
],
"lessThan": "22.1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "21.2.14",
"status": "unaffected"
}
],
"lessThan": "21.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "20.1.10",
"status": "unaffected"
}
],
"lessThan": "20.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This vulnerability potentially allows unauthorized enumeration of information from the embedded device APIs. An attacker must already have existing knowledge of some combination of valid usernames, device names and an internal system key. For such an attack to be successful the system must be in a specific runtime state."
}
],
"value": "This vulnerability potentially allows unauthorized enumeration of information from the embedded device APIs. An attacker must already have existing knowledge of some combination of valid usernames, device names and an internal system key. For such an attack to be successful the system must be in a specific runtime state."
}
],
"impacts": [
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131 Resource Leak Exposure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-488",
"description": "CWE-488: Exposure of Data Element to Wrong Session",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T03:50:15.610Z",
"orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"shortName": "PaperCut"
},
"references": [
{
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper authorization controls in PaperCut NG/MF",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"assignerShortName": "PaperCut",
"cveId": "CVE-2024-1223",
"datePublished": "2024-03-14T03:04:43.588Z",
"dateReserved": "2024-02-05T04:34:01.599Z",
"dateUpdated": "2024-09-26T03:50:15.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-31046
Vulnerability from cvelistv5
Published
2023-10-19 00:00
Modified
2024-09-13 14:49
Severity ?
EPSS score ?
Summary
A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. Under specific conditions, this could potentially allow an authenticated attacker to achieve read-only access to the server's filesystem, because requests beginning with "GET /ui/static/..//.." reach getStaticContent in UIContentResource.class in the static-content-files servlet.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:45:25.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/PO-1216-and-PO-1219#security-notifications"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJune2023"
},
{
"tags": [
"x_transferred"
],
"url": "https://research.aurainfosec.io/disclosure/papercut/"
},
{
"tags": [
"x_transferred"
],
"url": "https://web.archive.org/web/20230814061444/https://research.aurainfosec.io/disclosure/papercut/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-31046",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T14:48:16.443381Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T14:49:14.996Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. Under specific conditions, this could potentially allow an authenticated attacker to achieve read-only access to the server\u0027s filesystem, because requests beginning with \"GET /ui/static/..//..\" reach getStaticContent in UIContentResource.class in the static-content-files servlet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-19T23:19:09.447605",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.papercut.com/kb/Main/PO-1216-and-PO-1219#security-notifications"
},
{
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJune2023"
},
{
"url": "https://research.aurainfosec.io/disclosure/papercut/"
},
{
"url": "https://web.archive.org/web/20230814061444/https://research.aurainfosec.io/disclosure/papercut/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-31046",
"datePublished": "2023-10-19T00:00:00",
"dateReserved": "2023-04-24T00:00:00",
"dateUpdated": "2024-09-13T14:49:14.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-4712
Vulnerability from cvelistv5
Published
2024-05-14 00:13
Modified
2024-09-26 01:27
Severity ?
EPSS score ?
Summary
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can lead to local privilege escalation.
Note:
This CVE has been split into two (CVE-2024-4712 and CVE-2024-8405) and it’s been rescored with a "Privileges Required (PR)" rating of low, and “Attack Complexity (AC)” rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut NG, PaperCut MF |
Version: 0 < 23.0.9 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4712",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T19:40:02.500241Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T19:40:12.502Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:47:41.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/security-bulletin-may-2024/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Web Print"
],
"platforms": [
"Windows"
],
"product": "PaperCut NG, PaperCut MF",
"vendor": "PaperCut",
"versions": [
{
"changes": [
{
"at": "23.0.9",
"status": "unaffected"
}
],
"lessThan": "23.0.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nicholas Zubrisky (@NZubrisky) of Trend Micro Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eAn arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003eThis specific flaw exists within the image-handler process, which can incorrectly create files that don\u2019t exist when a maliciously formed payload is provided. This can lead to local privilege escalation.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eNote: \u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eThis CVE has been split into two (CVE-2024-4712 and CVE-2024-8405) and it\u2019s been rescored \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003ewith a \"Privileges Required (PR)\" rating of low, and \u201cAttack Complexity (AC)\u201d rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server.\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled.\u00a0This specific flaw exists within the image-handler process, which can incorrectly create files that don\u2019t exist when a maliciously formed payload is provided. This can lead to local privilege escalation.\n\nNote: \n\nThis CVE has been split into two (CVE-2024-4712 and CVE-2024-8405) and it\u2019s been rescored with a \"Privileges Required (PR)\" rating of low, and \u201cAttack Complexity (AC)\u201d rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server."
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T01:27:50.169Z",
"orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"shortName": "PaperCut"
},
"references": [
{
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-May-2024/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary File Creation in PaperCut NG/MF Web Print Image Handler",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"assignerShortName": "PaperCut",
"cveId": "CVE-2024-4712",
"datePublished": "2024-05-14T00:13:47.600Z",
"dateReserved": "2024-05-10T05:15:31.461Z",
"dateUpdated": "2024-09-26T01:27:50.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-9672
Vulnerability from cvelistv5
Published
2024-12-09 23:49
Modified
2024-12-10 16:08
Severity ?
EPSS score ?
Summary
A reflected cross-site scripting (XSS) vulnerability exists in PaperCut NG/MF. This issue can be used to execute specially created JavaScript payloads in the browser. A user must click on a malicious link for this issue to occur.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut MF |
Version: 0 < 24.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9672",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-10T16:08:26.031308Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T16:08:48.582Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux"
],
"product": "PaperCut MF",
"vendor": "PaperCut",
"versions": [
{
"changes": [
{
"at": "24.1",
"status": "unaffected"
}
],
"lessThan": "24.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-12-09T23:49:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eA reflected cross-site scripting (XSS) vulnerability exists in PaperCut NG/MF. This issue can be used to execute specially created JavaScript payloads in the browser. A user must click on a malicious link for this issue to occur. \u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability exists in PaperCut NG/MF. This issue can be used to execute specially created JavaScript payloads in the browser. A user must click on a malicious link for this issue to occur."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:H/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-917",
"description": "CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T23:49:55.535Z",
"orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"shortName": "PaperCut"
},
"references": [
{
"url": "https://www.papercut.com/kb/Main/security-bulletin-december-2024/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Reflected XSS in PaperCut MF",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"assignerShortName": "PaperCut",
"cveId": "CVE-2024-9672",
"datePublished": "2024-12-09T23:49:55.535Z",
"dateReserved": "2024-10-09T00:06:26.925Z",
"dateUpdated": "2024-12-10T16:08:48.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-4568
Vulnerability from cvelistv5
Published
2023-09-13 20:28
Modified
2024-09-25 19:58
Severity ?
EPSS score ?
Summary
PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut NG |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:31:06.190Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2023-31"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4568",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T19:57:57.034722Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T19:58:08.922Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PaperCut NG",
"vendor": "PaperCut",
"versions": [
{
"status": "unknown",
"version": "0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch."
}
],
"value": "PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-13T20:28:52.656Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://www.tenable.com/security/research/tra-2023-31"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "PaperCut NG Unauthenticated XMLRPC",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2023-4568",
"datePublished": "2023-09-13T20:28:52.656Z",
"dateReserved": "2023-08-28T18:17:53.703Z",
"dateUpdated": "2024-09-25T19:58:08.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-1222
Vulnerability from cvelistv5
Published
2024-03-14 03:03
Modified
2024-09-26 03:50
Severity ?
EPSS score ?
Summary
This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small subset of PaperCut NG/MF API calls.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut NG, PaperCut MF |
Version: 0 < 23.0.7 Version: 0 < 22.1.5 Version: 0 < 21.2.14 Version: 0 < 20.1.10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:33:25.592Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "papercut_mf",
"vendor": "papercut",
"versions": [
{
"lessThan": "23.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "22.1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "21.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "20.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "papercut_ng",
"vendor": "papercut",
"versions": [
{
"lessThan": "23.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "22.1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "21.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "20.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1222",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-26T04:00:45.176980Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T15:10:56.143Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"MacOS",
"Linux",
"Windows"
],
"product": "PaperCut NG, PaperCut MF",
"vendor": "PaperCut",
"versions": [
{
"changes": [
{
"at": "23.0.7",
"status": "unaffected"
}
],
"lessThan": "23.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "22.1.5",
"status": "unaffected"
}
],
"lessThan": "22.1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "21.2.14",
"status": "unaffected"
}
],
"lessThan": "21.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "20.1.10",
"status": "unaffected"
}
],
"lessThan": "20.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small subset of PaperCut NG/MF API calls.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small subset of PaperCut NG/MF API calls."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250: Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T03:50:54.624Z",
"orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"shortName": "PaperCut"
},
"references": [
{
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incorrect authorization controls in PaperCut NG/MF APIs",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"assignerShortName": "PaperCut",
"cveId": "CVE-2024-1222",
"datePublished": "2024-03-14T03:03:18.638Z",
"dateReserved": "2024-02-05T04:34:00.207Z",
"dateUpdated": "2024-09-26T03:50:54.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12135
Vulnerability from cvelistv5
Published
2019-06-06 16:07
Modified
2024-08-04 23:10
Severity ?
EPSS score ?
Summary
An unspecified vulnerability in the application server in PaperCut MF and NG versions 18.3.8 and earlier and versions 19.0.3 and earlier allows remote attackers to execute arbitrary code via an unspecified vector.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.papercut.com/products/mf/release-history/ | x_refsource_CONFIRM | |
| https://www.papercut.com/products/ng/release-history/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:10:30.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.papercut.com/products/mf/release-history/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.papercut.com/products/ng/release-history/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An unspecified vulnerability in the application server in PaperCut MF and NG versions 18.3.8 and earlier and versions 19.0.3 and earlier allows remote attackers to execute arbitrary code via an unspecified vector."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-06T16:07:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.papercut.com/products/mf/release-history/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.papercut.com/products/ng/release-history/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12135",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unspecified vulnerability in the application server in PaperCut MF and NG versions 18.3.8 and earlier and versions 19.0.3 and earlier allows remote attackers to execute arbitrary code via an unspecified vector."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.papercut.com/products/mf/release-history/",
"refsource": "CONFIRM",
"url": "https://www.papercut.com/products/mf/release-history/"
},
{
"name": "https://www.papercut.com/products/ng/release-history/",
"refsource": "CONFIRM",
"url": "https://www.papercut.com/products/ng/release-history/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12135",
"datePublished": "2019-06-06T16:07:07",
"dateReserved": "2019-05-15T00:00:00",
"dateUpdated": "2024-08-04T23:10:30.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2659
Vulnerability from cvelistv5
Published
2014-04-22 14:00
Modified
2024-08-06 10:21
Severity ?
EPSS score ?
Summary
Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.papercut-mf.com/release-history/ | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/92648 | vdb-entry, x_refsource_XF | |
| http://www.papercut.com/release-history/ | x_refsource_CONFIRM | |
| http://secunia.com/advisories/58037 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:21:35.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.papercut-mf.com/release-history/"
},
{
"name": "papercut-cve20142659-csrf(92648)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92648"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.papercut.com/release-history/"
},
{
"name": "58037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58037"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.papercut-mf.com/release-history/"
},
{
"name": "papercut-cve20142659-csrf(92648)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92648"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.papercut.com/release-history/"
},
{
"name": "58037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58037"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2659",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.papercut-mf.com/release-history/",
"refsource": "CONFIRM",
"url": "http://www.papercut-mf.com/release-history/"
},
{
"name": "papercut-cve20142659-csrf(92648)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92648"
},
{
"name": "http://www.papercut.com/release-history/",
"refsource": "CONFIRM",
"url": "http://www.papercut.com/release-history/"
},
{
"name": "58037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58037"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2659",
"datePublished": "2014-04-22T14:00:00",
"dateReserved": "2014-03-26T00:00:00",
"dateUpdated": "2024-08-06T10:21:35.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-2533
Vulnerability from cvelistv5
Published
2023-06-20 14:45
Modified
2024-12-09 18:30
Severity ?
EPSS score ?
Summary
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in
PaperCut NG/MF, which, under specific conditions, could potentially enable
an attacker to alter security settings or execute arbitrary code. This could
be exploited if the target is an admin with a current login session. Exploiting
this would typically involve the possibility of deceiving an admin into clicking
a specially crafted malicious link, potentially leading to unauthorized changes.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut NG/MF |
Version: 22.0.10 < 2.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:26:09.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://fluidattacks.com/advisories/arcangel/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJune2023"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2533",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-09T18:30:04.652999Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T18:30:21.694Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"MacOS"
],
"product": "PaperCut NG/MF",
"vendor": "PaperCut",
"versions": [
{
"lessThan": "2.1.1",
"status": "affected",
"version": "22.0.10",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "21.2.12"
},
{
"status": "unaffected",
"version": "20.1.8"
}
]
}
],
"datePublic": "2023-06-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Cross-Site Request Forgery (CSRF) vulnerability has been identified in\nPaperCut NG/MF, which, under specific conditions, could potentially enable\nan attacker to alter security settings or execute arbitrary code. This could\nbe exploited if the target is an admin with a current login session. Exploiting\nthis would typically involve the possibility of deceiving an admin into clicking\na specially crafted malicious link, potentially leading to unauthorized changes.\u003cbr\u003e"
}
],
"value": "A Cross-Site Request Forgery (CSRF) vulnerability has been identified in\nPaperCut NG/MF, which, under specific conditions, could potentially enable\nan attacker to alter security settings or execute arbitrary code. This could\nbe exploited if the target is an admin with a current login session. Exploiting\nthis would typically involve the possibility of deceiving an admin into clicking\na specially crafted malicious link, potentially leading to unauthorized changes.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-62 Cross Site Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-06T05:19:14.394Z",
"orgId": "84fe0718-d6bb-4716-a7e8-81a6d1daa869",
"shortName": "Fluid Attacks"
},
"references": [
{
"url": "https://fluidattacks.com/advisories/arcangel/"
},
{
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJune2023"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "PaperCut MF/NG 22.0.10 (Build 65996 2023-03-27) - Remote code execution via CSRF",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "84fe0718-d6bb-4716-a7e8-81a6d1daa869",
"assignerShortName": "Fluid Attacks",
"cveId": "CVE-2023-2533",
"datePublished": "2023-06-20T14:45:14.102Z",
"dateReserved": "2023-05-05T03:13:21.706Z",
"dateUpdated": "2024-12-09T18:30:21.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-8948
Vulnerability from cvelistv5
Published
2019-02-20 04:00
Modified
2024-09-16 19:14
Severity ?
EPSS score ?
Summary
PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user interface, aka PC-15163.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.papercut.com/products/mf/release-history/ | x_refsource_MISC | |
| https://www.papercut.com/products/ng/release-history/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:31:37.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.papercut.com/products/mf/release-history/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.papercut.com/products/ng/release-history/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user interface, aka PC-15163."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-20T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.papercut.com/products/mf/release-history/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.papercut.com/products/ng/release-history/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user interface, aka PC-15163."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.papercut.com/products/mf/release-history/",
"refsource": "MISC",
"url": "https://www.papercut.com/products/mf/release-history/"
},
{
"name": "https://www.papercut.com/products/ng/release-history/",
"refsource": "MISC",
"url": "https://www.papercut.com/products/ng/release-history/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-8948",
"datePublished": "2019-02-20T04:00:00Z",
"dateReserved": "2019-02-19T00:00:00Z",
"dateUpdated": "2024-09-16T19:14:55.458Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-27350
Vulnerability from cvelistv5
Published
2023-04-20 00:00
Modified
2025-02-03 16:40
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:09:43.478Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-233/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/PO-1216-and-PO-1219"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/171982/PaperCut-MF-NG-Authentication-Bypass-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/172022/PaperCut-NG-MG-22.0.4-Authentication-Bypass.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.sophos.com/en-us/2023/04/27/increased-exploitation-of-papercut-drawing-blood-around-the-internet/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/172512/PaperCut-NG-MG-22.0.4-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/172780/PaperCut-PaperCutNG-Authentication-Bypass.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27350",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-22T05:01:04.658436Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-04-21",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-27350"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-03T16:40:05.732Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "NG",
"vendor": "PaperCut",
"versions": [
{
"status": "affected",
"version": "22.0.5 (Build 63914)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Anonymous"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-07T00:00:00.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-233/"
},
{
"url": "https://www.papercut.com/kb/Main/PO-1216-and-PO-1219"
},
{
"url": "http://packetstormsecurity.com/files/171982/PaperCut-MF-NG-Authentication-Bypass-Remote-Code-Execution.html"
},
{
"url": "http://packetstormsecurity.com/files/172022/PaperCut-NG-MG-22.0.4-Authentication-Bypass.html"
},
{
"url": "https://news.sophos.com/en-us/2023/04/27/increased-exploitation-of-papercut-drawing-blood-around-the-internet/"
},
{
"url": "http://packetstormsecurity.com/files/172512/PaperCut-NG-MG-22.0.4-Remote-Code-Execution.html"
},
{
"url": "http://packetstormsecurity.com/files/172780/PaperCut-PaperCutNG-Authentication-Bypass.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-27350",
"datePublished": "2023-04-20T00:00:00.000Z",
"dateReserved": "2023-02-28T00:00:00.000Z",
"dateUpdated": "2025-02-03T16:40:05.732Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2658
Vulnerability from cvelistv5
Published
2014-04-28 14:00
Modified
2024-08-06 10:21
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Papercut MF and NG before 14.1 (Build 26983) allows attacker to cause a denial of service via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.papercut-mf.com/release-history/ | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/92649 | vdb-entry, x_refsource_XF | |
| http://www.papercut.com/release-history/ | x_refsource_CONFIRM | |
| http://secunia.com/advisories/58037 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:21:35.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.papercut-mf.com/release-history/"
},
{
"name": "papercut-cve20142658-dos(92649)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92649"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.papercut.com/release-history/"
},
{
"name": "58037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58037"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Papercut MF and NG before 14.1 (Build 26983) allows attacker to cause a denial of service via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.papercut-mf.com/release-history/"
},
{
"name": "papercut-cve20142658-dos(92649)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92649"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.papercut.com/release-history/"
},
{
"name": "58037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58037"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Papercut MF and NG before 14.1 (Build 26983) allows attacker to cause a denial of service via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.papercut-mf.com/release-history/",
"refsource": "CONFIRM",
"url": "http://www.papercut-mf.com/release-history/"
},
{
"name": "papercut-cve20142658-dos(92649)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92649"
},
{
"name": "http://www.papercut.com/release-history/",
"refsource": "CONFIRM",
"url": "http://www.papercut.com/release-history/"
},
{
"name": "58037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58037"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2658",
"datePublished": "2014-04-28T14:00:00",
"dateReserved": "2014-03-26T00:00:00",
"dateUpdated": "2024-08-06T10:21:35.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-39470
Vulnerability from cvelistv5
Published
2024-11-22 20:04
Modified
2024-12-05 14:50
Severity ?
EPSS score ?
Summary
PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability.
The specific flaw exists within the management of the print.script.sandboxed setting. The issue results from the exposure of a dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20965.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-786/ | x_research-advisory | |
| https://www.papercut.com/kb/Main/SecurityBulletinJune2023/ | vendor-advisory |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:papercut:papercut_ng:22.0.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "papercut_ng",
"vendor": "papercut",
"versions": [
{
"status": "affected",
"version": "22.0.10 65996"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39470",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T15:16:31.968489Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T14:50:39.655Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "NG",
"vendor": "PaperCut",
"versions": [
{
"status": "affected",
"version": "22.0.10 65996"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.471-05:00",
"datePublic": "2024-06-18T15:15:22.622-05:00",
"descriptions": [
{
"lang": "en",
"value": "PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the management of the print.script.sandboxed setting. The issue results from the exposure of a dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20965."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:04:57.069Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-786",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-786/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJune2023/"
}
],
"source": {
"lang": "en",
"value": "Trinity Cyber"
},
"title": "PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39470",
"datePublished": "2024-11-22T20:04:57.069Z",
"dateReserved": "2023-08-02T21:37:23.123Z",
"dateUpdated": "2024-12-05T14:50:39.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-39469
Vulnerability from cvelistv5
Published
2024-05-03 01:59
Modified
2024-08-02 18:10
Severity ?
EPSS score ?
Summary
PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability.
The specific flaw exists within the External User Lookup functionality. The issue results from the lack of proper validation of a user-supplied string before using it to execute Java code. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21013.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-23-1285/ | x_research-advisory | |
| https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/ | vendor-advisory |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "papercut_ng",
"vendor": "papercut",
"versions": [
{
"status": "affected",
"version": "22.0.12"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39469",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-06T15:38:33.991469Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:06.117Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:20.806Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1285",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1285/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "NG",
"vendor": "PaperCut",
"versions": [
{
"status": "affected",
"version": "22.0.12"
}
]
}
],
"dateAssigned": "2023-08-02T16:44:31.439-05:00",
"datePublic": "2023-08-30T15:13:29.538-05:00",
"descriptions": [
{
"lang": "en",
"value": "PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the External User Lookup functionality. The issue results from the lack of proper validation of a user-supplied string before using it to execute Java code. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21013."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:59:31.060Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1285",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1285/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-39469",
"datePublished": "2024-05-03T01:59:31.060Z",
"dateReserved": "2023-08-02T21:37:23.123Z",
"dateUpdated": "2024-08-02T18:10:20.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-39143
Vulnerability from cvelistv5
Published
2023-08-04 00:00
Modified
2024-08-02 18:02
Severity ?
EPSS score ?
Summary
PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. This leads to remote code execution when external device integration is enabled (a very common configuration).
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:05.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/securitybulletinjuly2023/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. This leads to remote code execution when external device integration is enabled (a very common configuration)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/"
},
{
"url": "https://www.papercut.com/kb/Main/securitybulletinjuly2023/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-39143",
"datePublished": "2023-08-04T00:00:00",
"dateReserved": "2023-07-25T00:00:00",
"dateUpdated": "2024-08-02T18:02:05.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-27351
Vulnerability from cvelistv5
Published
2023-04-20 00:00
Modified
2025-02-13 16:45
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class. The issue results from improper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19226.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:09:43.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/PO-1216-and-PO-1219"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-232/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27351",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T14:28:49.324880Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T14:28:53.648Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "NG",
"vendor": "PaperCut",
"versions": [
{
"status": "affected",
"version": "22.0.5 (Build 63914)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class. The issue results from improper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19226."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-20T15:35:13.491Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://www.papercut.com/kb/Main/PO-1216-and-PO-1219"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-232/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-27351",
"datePublished": "2023-04-20T00:00:00.000Z",
"dateReserved": "2023-02-28T00:00:00.000Z",
"dateUpdated": "2025-02-13T16:45:22.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6006
Vulnerability from cvelistv5
Published
2023-11-14 04:04
Modified
2025-01-08 16:44
Severity ?
EPSS score ?
Summary
This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must have local write access to the C Drive. In addition, Print Archiving must be enabled or the attacker needs to encounter a misconfigured system. This vulnerability does not apply to PaperCut NG installs that have Print Archiving enabled and configured as per the recommended set up procedure. This specific flaw exists within the pc-pdl-to-image process. The process loads an executable from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM
Note: This CVE has been rescored with a "Privileges Required (PR)" rating of low, and “Attack Complexity (AC)” rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut NG, PaperCut MF |
Version: 0 < 23.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:14:25.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-November-2023/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/CommonSecurityQuestions/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6006",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-30T18:23:10.697416Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T16:44:47.456Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Print Archiving"
],
"platforms": [
"Windows"
],
"product": "PaperCut NG, PaperCut MF",
"vendor": "PaperCut",
"versions": [
{
"changes": [
{
"at": "23.0.0",
"status": "unaffected"
}
],
"lessThan": "23.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Amol Dosanjh of Trend Micro"
},
{
"lang": "en",
"type": "finder",
"value": "Michael DePlante(@izobashi) of Trend Micro\u0027s ZDI"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eThis vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003eAn attacker must have local write access to the C Drive. In addition, Print Archiving must be enabled or the attacker needs to encounter a misconfigured system.\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e This vulnerability does not apply to PaperCut NG installs that have Print Archiving enabled and configured as per the recommended set up procedure. \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003eThis specific flaw exists within the pc-pdl-to-image process. The process loads an executable from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eNote: This CVE has been rescored with a \"Privileges Required (PR)\" rating of low, and \u201cAttack Complexity (AC)\u201d rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server.\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must have local write access to the C Drive. In addition, Print Archiving must be enabled or the attacker needs to encounter a misconfigured system. This vulnerability does not apply to PaperCut NG installs that have Print Archiving enabled and configured as per the recommended set up procedure. This specific flaw exists within the pc-pdl-to-image process. The process loads an executable from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM\n\nNote: This CVE has been rescored with a \"Privileges Required (PR)\" rating of low, and \u201cAttack Complexity (AC)\u201d rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T01:19:25.248Z",
"orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"shortName": "PaperCut"
},
"references": [
{
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-November-2023/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Privilege Escalation Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"assignerShortName": "PaperCut",
"cveId": "CVE-2023-6006",
"datePublished": "2023-11-14T04:04:03.280Z",
"dateReserved": "2023-11-08T04:55:38.051Z",
"dateUpdated": "2025-01-08T16:44:47.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-1883
Vulnerability from cvelistv5
Published
2024-03-14 03:09
Modified
2024-09-26 03:43
Severity ?
EPSS score ?
Summary
This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server. An attacker can exploit this weakness by crafting a malicious URL that contains a script. When an unsuspecting user clicks on this malicious link, it could potentially lead to limited loss of confidentiality, integrity or availability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PaperCut | PaperCut NG, PaperCut MF |
Version: 0 < 23.0.7 Version: 0 < 22.1.5 Version: 0 < 21.2.14 Version: 0 < 20.1.10 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1883",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-15T15:24:48.682883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T18:00:09.584Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:56:22.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"MacOS",
"Linux",
"Windows"
],
"product": "PaperCut NG, PaperCut MF",
"vendor": "PaperCut",
"versions": [
{
"changes": [
{
"at": "23.0.7",
"status": "unaffected"
}
],
"lessThan": "23.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "22.1.5",
"status": "unaffected"
}
],
"lessThan": "22.1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "21.2.14",
"status": "unaffected"
}
],
"lessThan": "21.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"changes": [
{
"at": "20.1.10",
"status": "unaffected"
}
],
"lessThan": "20.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server. An attacker can exploit this weakness by crafting a malicious URL that contains a script. When an unsuspecting user clicks on this malicious link, it could potentially lead to limited loss of confidentiality, integrity or availability."
}
],
"value": "This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server. An attacker can exploit this weakness by crafting a malicious URL that contains a script. When an unsuspecting user clicks on this malicious link, it could potentially lead to limited loss of confidentiality, integrity or availability."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-76",
"description": "CWE-76 Improper Neutralization of Equivalent Special Elements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T03:43:04.535Z",
"orgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"shortName": "PaperCut"
},
"references": [
{
"url": "https://www.papercut.com/kb/Main/Security-Bulletin-March-2024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Reflected XSS in PaperCut NG/MF",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb41dac7-0af8-4f84-9f6d-0272772514f4",
"assignerShortName": "PaperCut",
"cveId": "CVE-2024-1883",
"datePublished": "2024-03-14T03:09:43.195Z",
"dateReserved": "2024-02-26T05:36:23.133Z",
"dateUpdated": "2024-09-26T03:43:04.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}