cve-2013-6032
Vulnerability from cvelistv5
Published
2014-02-04 02:00
Modified
2024-08-06 17:29
Severity ?
Summary
cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and X646 before LC2.MC.P374, X642 through LC2.MB.P318, W840 through LS.HA.P252, T64x before LS.ST.P344, X64xef through LC2.TI.P325, C935dn through LC.JO.P091, C920 through LS.TA.P152, C78x through LC.IO.P187, X78x through LC2.IO.P335, C77x through LC.CM.P052, X772 through LC2.TR.P291, C53x through LS.SW.P069, C52x through LS.FA.P150, 25xxN through LCL.CU.P114, N4000 through LC.MD.P119, N4050e through GO.GO.N206, N70xxe through LC.CO.N309, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allows remote attackers to remove the Password Protect administrative password via the vac.255.GENPASSWORD parameter.
References
cret@cert.orghttp://support.lexmark.com/index?page=content&id=TE586
cret@cert.orghttp://www.kb.cert.org/vuls/id/108062US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://support.lexmark.com/index?page=content&id=TE586
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/108062US Government Resource
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:29:42.998Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#108062",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/108062"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.lexmark.com/index?page=content\u0026id=TE586"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-01-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and X646 before LC2.MC.P374, X642 through LC2.MB.P318, W840 through LS.HA.P252, T64x before LS.ST.P344, X64xef through LC2.TI.P325, C935dn through LC.JO.P091, C920 through LS.TA.P152, C78x through LC.IO.P187, X78x through LC2.IO.P335, C77x through LC.CM.P052, X772 through LC2.TR.P291, C53x through LS.SW.P069, C52x through LS.FA.P150, 25xxN through LCL.CU.P114, N4000 through LC.MD.P119, N4050e through GO.GO.N206, N70xxe through LC.CO.N309, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allows remote attackers to remove the Password Protect administrative password via the vac.255.GENPASSWORD parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-02-04T02:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "VU#108062",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/108062"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.lexmark.com/index?page=content\u0026id=TE586"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2013-6032",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and X646 before LC2.MC.P374, X642 through LC2.MB.P318, W840 through LS.HA.P252, T64x before LS.ST.P344, X64xef through LC2.TI.P325, C935dn through LC.JO.P091, C920 through LS.TA.P152, C78x through LC.IO.P187, X78x through LC2.IO.P335, C77x through LC.CM.P052, X772 through LC2.TR.P291, C53x through LS.SW.P069, C52x through LS.FA.P150, 25xxN through LCL.CU.P114, N4000 through LC.MD.P119, N4050e through GO.GO.N206, N70xxe through LC.CO.N309, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allows remote attackers to remove the Password Protect administrative password via the vac.255.GENPASSWORD parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#108062",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/108062"
            },
            {
              "name": "http://support.lexmark.com/index?page=content\u0026id=TE586",
              "refsource": "CONFIRM",
              "url": "http://support.lexmark.com/index?page=content\u0026id=TE586"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2013-6032",
    "datePublished": "2014-02-04T02:00:00",
    "dateReserved": "2013-10-04T00:00:00",
    "dateUpdated": "2024-08-06T17:29:42.998Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-6032\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2014-02-04T05:39:08.137\",\"lastModified\":\"2024-11-21T01:58:39.373\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and X646 before LC2.MC.P374, X642 through LC2.MB.P318, W840 through LS.HA.P252, T64x before LS.ST.P344, X64xef through LC2.TI.P325, C935dn through LC.JO.P091, C920 through LS.TA.P152, C78x through LC.IO.P187, X78x through LC2.IO.P335, C77x through LC.CM.P052, X772 through LC2.TR.P291, C53x through LS.SW.P069, C52x through LS.FA.P150, 25xxN through LCL.CU.P114, N4000 through LC.MD.P119, N4050e through GO.GO.N206, N70xxe through LC.CO.N309, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allows remote attackers to remove the Password Protect administrative password via the vac.255.GENPASSWORD parameter.\"},{\"lang\":\"es\",\"value\":\"cgi-bin/postpf/cgi-bin/dynamic/config/config.html en impresoras Lexmark X94x anterior a LC.BR.P142, X85x hasta LC4.BE.P487, X644 y X646 anterior a LC2.MC.P374, X642 hasta LC2.MB.P318, W840 hasta LS.HA.P252, T64x anterior a LS.ST.P344, X64xef hasta LC2.TI.P325, C935dn hasta LC.JO.P091, C920 hasta LS.TA.P152, C78x hasta LC.IO.P187, X78x hasta LC2.IO.P335, C77x hasta LC.CM.P052, X772 hasta LC2.TR.P291, C53x hasta LS.SW.P069, C52x hasta LS.FA.P150, 25xxN hasta LCL.CU.P114, N4000 hasta LC.MD.P119, N4050e hasta GO.GO.N206, N70xxe hasta LC.CO.N309, E450 hasta LM.SZ.P124, E350 hasta LE.PH.P129 y E250 hasta LE.PM.P126 permite a atacantes remotos eliminar la contrase\u00f1a administrativa a trav\u00e9s del par\u00e1metro vac.255.GENPASSWORD.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:25xxn:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"lcl.cu.p114\",\"matchCriteriaId\":\"7513DFC0-4510-4B83-970A-BA0E62638713\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:c52x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"ls.fa.p150\",\"matchCriteriaId\":\"6509A55F-42A6-48C6-B48F-59C6E4C01281\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:c53x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"ls.sw.p069\",\"matchCriteriaId\":\"858E4963-A4DF-4547-A690-86F21C5C6761\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:c77x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"lc.cm.p052\",\"matchCriteriaId\":\"5E8F5F15-A5A5-4ABC-BB1B-B4F78F6F6576\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:c78x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"lc.io.p187\",\"matchCriteriaId\":\"9CC0B83D-98E2-4342-92B8-3F5DAFF36534\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:c920:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"ls.ta.p152\",\"matchCriteriaId\":\"589B4386-FB3A-4CE8-852B-2631BE5F5C3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:c935dn:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"lc.jo.p091\",\"matchCriteriaId\":\"A52F3ADA-60C7-4C6D-8BAE-0537D2FF64CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:e250:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"le.pm.p126\",\"matchCriteriaId\":\"73229A56-3484-4EDC-B200-4D2177D01594\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:e350:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"le.ph.p129\",\"matchCriteriaId\":\"CCDCDF17-F05F-4891-9DF8-6018D7CCC289\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:e450:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"lm.sz.p124\",\"matchCriteriaId\":\"1FA662D9-5130-44E3-8450-872D8FE2E1D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:n4000:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"lc.md.p119\",\"matchCriteriaId\":\"03F8465F-F3AB-4DBE-A50F-552D2810C7C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:n4050e:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"go.go.n206\",\"matchCriteriaId\":\"D00DCD4A-92D4-4FBE-8E22-3B825DC333AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:n70xxe:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"lc.co.n309\",\"matchCriteriaId\":\"0DCDEF0E-5EC7-45C5-8BD4-048BE3122325\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:t64x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"ls.st.p343\",\"matchCriteriaId\":\"234FF186-2024-42DE-81A2-B7A96B08589D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:w840:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"ls.ha.p252\",\"matchCriteriaId\":\"F51FF02A-7F7C-4D6C-9F98-1C44F3D962A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:x642:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"lc2.mb.p318\",\"matchCriteriaId\":\"CB918500-A15B-45CE-89DE-B4EC86423444\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:x644:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"lc4.be.p487\",\"matchCriteriaId\":\"1A5BAA6A-6BFE-4747-952E-7F7D8390CF40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:x646:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"lc2.mc.p373\",\"matchCriteriaId\":\"5E2CE0BB-0BD7-4B64-995C-12A7012A2029\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:x64xef:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"lc2.ti.p325\",\"matchCriteriaId\":\"5D8C7D31-1A14-4C30-9471-CCF825101A45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:x772:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"lc2.tr.p291\",\"matchCriteriaId\":\"D26FD959-9014-4036-B5B7-3DB996E488AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:x78x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"lc2.io.p335\",\"matchCriteriaId\":\"409D8B7E-60BF-4E0A-A640-A75B3D17CD7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:x85x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"lc4.be.p487\",\"matchCriteriaId\":\"EFEB32C1-C2A7-4BAB-81A2-8454481155CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:lexmark:x94x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"lc.br.p141\",\"matchCriteriaId\":\"A624E9D4-CC32-4157-A215-105BA30A4EB2\"}]}]}],\"references\":[{\"url\":\"http://support.lexmark.com/index?page=content\u0026id=TE586\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/108062\",\"source\":\"cret@cert.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://support.lexmark.com/index?page=content\u0026id=TE586\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/108062\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.