cve-2016-3145
Vulnerability from cvelistv5
Published
2016-04-22 00:00
Modified
2024-08-05 23:47
Severity ?
Summary
Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory.
References
cve@mitre.orghttp://support.lexmark.com/index?page=content&id=TE760Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.lexmark.com/index?page=content&id=TE760Vendor Advisory
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:47:57.988Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.lexmark.com/index?page=content\u0026id=TE760"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-04-22T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.lexmark.com/index?page=content\u0026id=TE760"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-3145",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.lexmark.com/index?page=content\u0026id=TE760",
              "refsource": "CONFIRM",
              "url": "http://support.lexmark.com/index?page=content\u0026id=TE760"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-3145",
    "datePublished": "2016-04-22T00:00:00",
    "dateReserved": "2016-03-14T00:00:00",
    "dateUpdated": "2024-08-05T23:47:57.988Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-3145\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-04-22T00:59:09.493\",\"lastModified\":\"2024-11-21T02:49:28.127\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory.\"},{\"lang\":\"es\",\"value\":\"Impresoras Lexmark con firmware ATL en versiones anteriores a ATL.021.063, CB en versiones anteriores a CB.021.063, PP en versiones anteriores a PP.021.063 y YK en versiones anteriores a YK.021.063 maneja incorectamente las acciones Erase Printer Memory y Erase Hard Disk, lo que permite a atacantes f\u00edsicamente pr\u00f3ximos obtener informaci\u00f3n sensible a trav\u00e9s de lectura directa de operaciones sobre memoria no vol\u00e1til.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":4.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"pp\",\"versionEndIncluding\":\"pp.021.062\",\"matchCriteriaId\":\"FEAC5802-B92B-4895-8C63-4FFD599644C1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cx820de:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67527A88-0DC6-4E7B-A1F0-CE472C19D9F1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cx820dtfe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB1FFAD9-EED0-49A8-9123-3046B07B4681\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cx825de:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90B573EB-7A2D-4178-886F-03998D0BEFD1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cx825dte:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21CEFE60-AD40-44F4-9B40-321D348BA3AD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cx825dtfe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6A5F3CB-C008-4C62-AB60-4B89FCDA1DB0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cx860de:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FEE5761-0C06-4478-B1EC-EA33F1F6DEF2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cx860dte:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"021A4710-334E-4993-B471-43B4CE5976B8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cx860dtfe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39F645E6-472B-4FCA-8AD7-5B420A558FEB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:xc6152de:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09B4032F-D131-4E49-A58C-7363436BC78D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:xc6152dtfe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C61A938-34A3-48C0-9688-48EAFE2D4A24\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:xc8155de:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFAE4AEF-F23B-404D-BC1A-BA2441FAB10A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:xc8155dte:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B117121-240E-440F-BF7E-B8F808E918F9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:xc8160de:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2631BC7C-CA86-4581-A3AD-FBE61244F1E8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:xc8160dte:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A41A9CAA-CF8A-48F2-AECB-D16C415A42AA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"cb\",\"versionEndIncluding\":\"cb.021.062\",\"matchCriteriaId\":\"CE80275C-40AD-4BEC-AF9D-8BFB9A42929E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:c4150:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"324EC762-1276-4121-916B-9981925F242D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cs720de:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1427A6D-CEA4-440C-B10A-36E17082F792\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cs720dte:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70D39A4C-568A-45CC-9C08-45CC4E6E32A0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cs725de:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5573FDD-3B85-4477-807D-B4C0A5998622\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cs725dte:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4ACBB26-772F-4D32-97C0-F497A726E31A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"yk\",\"versionEndIncluding\":\"yk.021.062\",\"matchCriteriaId\":\"62767ADB-755F-4328-8A0B-4DF204950A2F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:c6160:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48E10C08-E129-4482-92B1-67FD6C0D0407\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"yk\",\"versionEndIncluding\":\"yk.021.057\",\"matchCriteriaId\":\"1BE2AA7A-1B70-4912-89F8-97559B225F6F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cs820de:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3625CB80-4EC1-47F4-8065-7459F5D14D0D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cs820dte:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"156414A8-0F64-48F0-A17F-A536B4B16EEF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cs820dtfe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E42F25E-B296-4FFA-A41E-3CFA226697CF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"atl\",\"versionEndIncluding\":\"atl.021.062\",\"matchCriteriaId\":\"A75C59E7-0B30-4C10-ABFE-BB6AF7FB6118\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cx725de:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9072D963-3E31-4315-8F36-649F24E335BB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cx725dhe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA61A0D6-A19E-43AB-A1D7-C18728CB527B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:cx725dthe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79F1E777-79E7-47EB-8715-72ED79B46E5D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lexmark:xc4150:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74A27B92-5F83-4280-93EA-31F115408405\"}]}]}],\"references\":[{\"url\":\"http://support.lexmark.com/index?page=content\u0026id=TE760\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.lexmark.com/index?page=content\u0026id=TE760\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.