Vulnerabilites related to lexmark - printer_firmware
Vulnerability from fkie_nvd
Published
2016-04-22 00:59
Modified
2024-11-21 02:49
Severity ?
Summary
Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://support.lexmark.com/index?page=content&id=TE760 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.lexmark.com/index?page=content&id=TE760 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| lexmark | printer_firmware | * | |
| lexmark | cx820de | - | |
| lexmark | cx820dtfe | - | |
| lexmark | cx825de | - | |
| lexmark | cx825dte | - | |
| lexmark | cx825dtfe | - | |
| lexmark | cx860de | - | |
| lexmark | cx860dte | - | |
| lexmark | cx860dtfe | - | |
| lexmark | xc6152de | - | |
| lexmark | xc6152dtfe | - | |
| lexmark | xc8155de | - | |
| lexmark | xc8155dte | - | |
| lexmark | xc8160de | - | |
| lexmark | xc8160dte | - | |
| lexmark | printer_firmware | * | |
| lexmark | c4150 | - | |
| lexmark | cs720de | - | |
| lexmark | cs720dte | - | |
| lexmark | cs725de | - | |
| lexmark | cs725dte | - | |
| lexmark | printer_firmware | * | |
| lexmark | c6160 | - | |
| lexmark | printer_firmware | * | |
| lexmark | cs820de | - | |
| lexmark | cs820dte | - | |
| lexmark | cs820dtfe | - | |
| lexmark | printer_firmware | * | |
| lexmark | cx725de | - | |
| lexmark | cx725dhe | - | |
| lexmark | cx725dthe | - | |
| lexmark | xc4150 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEAC5802-B92B-4895-8C63-4FFD599644C1",
"versionEndIncluding": "pp.021.062",
"versionStartIncluding": "pp",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lexmark:cx820de:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67527A88-0DC6-4E7B-A1F0-CE472C19D9F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx820dtfe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB1FFAD9-EED0-49A8-9123-3046B07B4681",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx825de:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90B573EB-7A2D-4178-886F-03998D0BEFD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx825dte:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21CEFE60-AD40-44F4-9B40-321D348BA3AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx825dtfe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6A5F3CB-C008-4C62-AB60-4B89FCDA1DB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx860de:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEE5761-0C06-4478-B1EC-EA33F1F6DEF2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx860dte:-:*:*:*:*:*:*:*",
"matchCriteriaId": "021A4710-334E-4993-B471-43B4CE5976B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx860dtfe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39F645E6-472B-4FCA-8AD7-5B420A558FEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:xc6152de:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09B4032F-D131-4E49-A58C-7363436BC78D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:xc6152dtfe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C61A938-34A3-48C0-9688-48EAFE2D4A24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:xc8155de:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFAE4AEF-F23B-404D-BC1A-BA2441FAB10A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:xc8155dte:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B117121-240E-440F-BF7E-B8F808E918F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:xc8160de:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2631BC7C-CA86-4581-A3AD-FBE61244F1E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:xc8160dte:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A41A9CAA-CF8A-48F2-AECB-D16C415A42AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE80275C-40AD-4BEC-AF9D-8BFB9A42929E",
"versionEndIncluding": "cb.021.062",
"versionStartIncluding": "cb",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lexmark:c4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "324EC762-1276-4121-916B-9981925F242D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cs720de:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1427A6D-CEA4-440C-B10A-36E17082F792",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cs720dte:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70D39A4C-568A-45CC-9C08-45CC4E6E32A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cs725de:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5573FDD-3B85-4477-807D-B4C0A5998622",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cs725dte:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4ACBB26-772F-4D32-97C0-F497A726E31A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62767ADB-755F-4328-8A0B-4DF204950A2F",
"versionEndIncluding": "yk.021.062",
"versionStartIncluding": "yk",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lexmark:c6160:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48E10C08-E129-4482-92B1-67FD6C0D0407",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BE2AA7A-1B70-4912-89F8-97559B225F6F",
"versionEndIncluding": "yk.021.057",
"versionStartIncluding": "yk",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lexmark:cs820de:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3625CB80-4EC1-47F4-8065-7459F5D14D0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cs820dte:-:*:*:*:*:*:*:*",
"matchCriteriaId": "156414A8-0F64-48F0-A17F-A536B4B16EEF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cs820dtfe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E42F25E-B296-4FFA-A41E-3CFA226697CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A75C59E7-0B30-4C10-ABFE-BB6AF7FB6118",
"versionEndIncluding": "atl.021.062",
"versionStartIncluding": "atl",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lexmark:cx725de:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9072D963-3E31-4315-8F36-649F24E335BB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx725dhe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61A0D6-A19E-43AB-A1D7-C18728CB527B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx725dthe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79F1E777-79E7-47EB-8715-72ED79B46E5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:xc4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74A27B92-5F83-4280-93EA-31F115408405",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory."
},
{
"lang": "es",
"value": "Impresoras Lexmark con firmware ATL en versiones anteriores a ATL.021.063, CB en versiones anteriores a CB.021.063, PP en versiones anteriores a PP.021.063 y YK en versiones anteriores a YK.021.063 maneja incorectamente las acciones Erase Printer Memory y Erase Hard Disk, lo que permite a atacantes f\u00edsicamente pr\u00f3ximos obtener informaci\u00f3n sensible a trav\u00e9s de lectura directa de operaciones sobre memoria no vol\u00e1til."
}
],
"id": "CVE-2016-3145",
"lastModified": "2024-11-21T02:49:28.127",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-22T00:59:09.493",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE760"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE760"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-27 05:59
Modified
2024-11-21 02:47
Severity ?
Summary
Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://support.lexmark.com/index?page=content&id=TE745 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.lexmark.com/index?page=content&id=TE745 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| lexmark | printer_firmware | * | |
| lexmark | c4150 | * | |
| lexmark | cs720de | * | |
| lexmark | cs720dte | * | |
| lexmark | cs725de | * | |
| lexmark | cs725dte | * | |
| lexmark | printer_firmware | * | |
| lexmark | cx725de | * | |
| lexmark | cx725dhe | * | |
| lexmark | cx725dthe | * | |
| lexmark | xc4150 | * | |
| lexmark | printer_firmware | * | |
| lexmark | c6160 | * | |
| lexmark | cs820de | * | |
| lexmark | cs820dte | * | |
| lexmark | cs820dtfe | * | |
| lexmark | printer_firmware | * | |
| lexmark | cx820de | * | |
| lexmark | cx820dtfe | * | |
| lexmark | cx825de | * | |
| lexmark | cx825dte | * | |
| lexmark | cx825dtfe | * | |
| lexmark | cx860de | * | |
| lexmark | cx860dte | * | |
| lexmark | cx860dtfe | * | |
| lexmark | xc6152de | * | |
| lexmark | xc6152dtfe | * | |
| lexmark | xc8155de | * | |
| lexmark | xc8155dte | * | |
| lexmark | xc8160de | * | |
| lexmark | xc8160dte | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C29BEB30-DC3B-4922-9234-9F4CB9E2C048",
"versionEndIncluding": "cb.02.048",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lexmark:c4150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF07C509-7E15-414C-9F1A-0DF8204136CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cs720de:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD322C1-05F1-42AA-9F94-46F53E0529C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cs720dte:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11E85F1B-AE5F-4515-A5E0-5FAE4DF22228",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cs725de:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F637ED5E-EBAA-42FA-B1EC-5A62BC35C1AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cs725dte:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36DF826B-6EE0-4C67-AB9C-56B86516EF07",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46D65111-B7BC-4A60-83CB-0D3C2CF216DF",
"versionEndIncluding": "atl.02.048",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lexmark:cx725de:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE911CAA-BB40-462E-B7B1-08E6B8120536",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx725dhe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "536113D5-F589-4EDA-A273-56B3E73450CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx725dthe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4B5588-09A3-4FA2-81D0-715B52902B02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:xc4150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BFB88AA-AA66-46E1-AA48-DA149E50A57C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDC2CBD-3940-4952-8546-E6EA66C0725F",
"versionEndIncluding": "yk.02.048",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lexmark:c6160:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E4434A-93AE-494E-8D46-4F7BE14AFFCB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cs820de:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF541E0-D4DA-4B4C-8870-D3EC59EC9F83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cs820dte:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B79F4035-1CEC-488F-9066-83E48D19CAA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cs820dtfe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CC04B20-E795-49B2-8A84-1F559409D770",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB4760C3-77CB-4179-B7E9-79538C206498",
"versionEndIncluding": "pp.02.048",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:lexmark:cx820de:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CA052D-1DE0-45CC-8317-AE62D59179DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx820dtfe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AD59709-2F7D-402B-8BEB-39F254B5F92A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx825de:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1751C220-21F2-4B00-BC83-4547C3EB549F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx825dte:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9956F4-B90F-4DF2-A010-162DE39C1586",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx825dtfe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA85370-DB44-4D02-AC9D-3F7732ABAF48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx860de:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D26F568-042D-4247-A728-933AF110BC51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx860dte:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD0E198-C530-4FD3-AE96-5C75BDF2B7E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:cx860dtfe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43839086-5EA5-4FB6-B92D-378FECD3C9BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:xc6152de:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0403F7-39BD-463F-83A2-3722AD2568B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:xc6152dtfe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A553DB8-FA2D-4AFD-9B2D-96F52F90AECD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:xc8155de:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67CFD744-5BF8-4912-B9ED-68037528FDF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:xc8155dte:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14DB6F86-9F8D-4065-BAFB-AF393FEDE24C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:xc8160de:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98059800-F8CE-4963-A3C8-7BFE2BEBE2A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:lexmark:xc8160dte:*:*:*:*:*:*:*:*",
"matchCriteriaId": "806FECDA-5A28-46E8-8AEA-534560B58042",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status."
},
{
"lang": "es",
"value": "Condici\u00f3n de carrera en el proceso de inicializaci\u00f3n en impresoras Lexmark con firmware ATL en versiones anteriores a ATL.02.049, CB en versiones anteriores a CB.02.049, PP en versiones anteriores a PP.02.049 y YK en versiones anteriores a YK.02.049 permite a atacantes remotos eludir la autenticaci\u00f3n aprovechando una detecci\u00f3n incorrecta del estado del puente de seguridad."
}
],
"id": "CVE-2016-1896",
"lastModified": "2024-11-21T02:47:16.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-27T05:59:04.307",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE745"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-254"
},
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2016-1896
Vulnerability from cvelistv5
Published
2016-01-27 02:00
Modified
2024-08-05 23:10
Severity ?
EPSS score ?
Summary
Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status.
References
| ▼ | URL | Tags |
|---|---|---|
| http://support.lexmark.com/index?page=content&id=TE745 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:10:39.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE745"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-01-27T04:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE745"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1896",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.lexmark.com/index?page=content\u0026id=TE745",
"refsource": "CONFIRM",
"url": "http://support.lexmark.com/index?page=content\u0026id=TE745"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1896",
"datePublished": "2016-01-27T02:00:00",
"dateReserved": "2016-01-13T00:00:00",
"dateUpdated": "2024-08-05T23:10:39.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-3145
Vulnerability from cvelistv5
Published
2016-04-22 00:00
Modified
2024-08-05 23:47
Severity ?
EPSS score ?
Summary
Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://support.lexmark.com/index?page=content&id=TE760 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:47:57.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE760"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-04-22T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.lexmark.com/index?page=content\u0026id=TE760"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.lexmark.com/index?page=content\u0026id=TE760",
"refsource": "CONFIRM",
"url": "http://support.lexmark.com/index?page=content\u0026id=TE760"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-3145",
"datePublished": "2016-04-22T00:00:00",
"dateReserved": "2016-03-14T00:00:00",
"dateUpdated": "2024-08-05T23:47:57.988Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}