var-201601-0529
Vulnerability from variot
Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. http://cwe.mitre.org/data/definitions/254.htmlAuthentication may be circumvented by a third party using unauthorized detection of the security jumper status. Lexmarkprinter is a printer product from Lexmark. A remote attacker bypasses authentication by incorrect detection of the security-jumper state. Lexmark Laser Printers are prone to a local authentication-bypass vulnerability. A local attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks. The following versions are affected: Lexmark printers using ATL versions prior to ATL.02.049, CB versions prior to CB.02.049, PP versions prior to PP.02.049, and YK versions prior to YK.02.049
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0529",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "printer",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "yk.02.048"
},
{
"model": "printer",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "cb.02.048"
},
{
"model": "printer",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "pp.02.048"
},
{
"model": "printer",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "atl.02.048"
},
{
"model": "xc8155de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "lt",
"trust": 0.8,
"vendor": "lexmark",
"version": "pp"
},
{
"model": "cx860de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825dtfe",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825dte",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8160de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cs720de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8155dte",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "eq",
"trust": 0.8,
"vendor": "lexmark",
"version": "pp.02.049"
},
{
"model": "cx860dte",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "lt",
"trust": 0.8,
"vendor": "lexmark",
"version": "atl"
},
{
"model": "xc6152de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "lt",
"trust": 0.8,
"vendor": "lexmark",
"version": "yk"
},
{
"model": "cs725dte",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "xc6152dtfe",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "eq",
"trust": 0.8,
"vendor": "lexmark",
"version": "atl.02.049"
},
{
"model": "xc4150",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx820dtfe",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820dtfe",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "c6160",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "c4150",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx860dtfe",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "lt",
"trust": 0.8,
"vendor": "lexmark",
"version": "cb"
},
{
"model": "cs820dte",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx820de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725dthe",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "eq",
"trust": 0.8,
"vendor": "lexmark",
"version": "cb.02.049"
},
{
"model": "xc8160dte",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725dhe",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cs725de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cs720dte",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "eq",
"trust": 0.8,
"vendor": "lexmark",
"version": "yk.02.049"
},
{
"model": "laser printer atl.02.049",
"scope": "lt",
"trust": 0.6,
"vendor": "lexmark",
"version": null
},
{
"model": "laser printer cb",
"scope": null,
"trust": 0.6,
"vendor": "lexmark",
"version": null
},
{
"model": "laser printer pp",
"scope": null,
"trust": 0.6,
"vendor": "lexmark",
"version": null
},
{
"model": "laser printer yk",
"scope": null,
"trust": 0.6,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "eq",
"trust": 0.6,
"vendor": "lexmark",
"version": "atl.02.048"
},
{
"model": "printer",
"scope": "eq",
"trust": 0.6,
"vendor": "lexmark",
"version": "pp.02.048"
},
{
"model": "printer",
"scope": "eq",
"trust": 0.6,
"vendor": "lexmark",
"version": "cb.02.048"
},
{
"model": "printer",
"scope": "eq",
"trust": 0.6,
"vendor": "lexmark",
"version": "yk.02.048"
},
{
"model": "xc8160dte pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8160de pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8155dte pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8155de pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc6152dtfe pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc6152de pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc4150 atl.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx860dtfe pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx860dte pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx860de pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825dtfe pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825dte pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825de pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx820dtfe pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx820de pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725dthe atl.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725dhe atl.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725de atl.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820dtfe yk.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820dte yk.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820de yk.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs725de cb.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs720dte cb.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs720de cb.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "c6160 yk.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "c4150 cb.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8160dte pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8160de pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8155dte pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8155de pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc6152dtfe pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc6152de pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc4150 atl.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx860dtfe pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx860dte pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx860de pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825dtfe pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825dte pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825de pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx820dtfe pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx820de pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725dthe atl.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725dhe atl.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725de atl.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820dtfe yk.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820dte yk.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820de yk.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs725de cb.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs720dte cb.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs720de cb.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "c6160 yk.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "c4150 cb.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "BID",
"id": "82117"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-647"
},
{
"db": "NVD",
"id": "CVE-2016-1896"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:lexmark:c4150",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:c6160",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cs720de",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cs720dte",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cs725de",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cs725dte",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cs820de",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cs820dte",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cs820dtfe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cx725de",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cx725dhe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cx725dthe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cx820de",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cx820dtfe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cx825de",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cx825dte",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cx825dtfe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cx860de",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cx860dte",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:cx860dtfe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:lexmark:printer_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:xc4150",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:xc6152de",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:xc6152dtfe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:xc8155de",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:xc8155dte",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:xc8160de",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:lexmark:xc8160dte",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "82117"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1896",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-1896",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-00801",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-90715",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-1896",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1896",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-1896",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-00801",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-647",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-90715",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "VULHUB",
"id": "VHN-90715"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-647"
},
{
"db": "NVD",
"id": "CVE-2016-1896"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. http://cwe.mitre.org/data/definitions/254.htmlAuthentication may be circumvented by a third party using unauthorized detection of the security jumper status. Lexmarkprinter is a printer product from Lexmark. A remote attacker bypasses authentication by incorrect detection of the security-jumper state. Lexmark Laser Printers are prone to a local authentication-bypass vulnerability. \nA local attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks. The following versions are affected: Lexmark printers using ATL versions prior to ATL.02.049, CB versions prior to CB.02.049, PP versions prior to PP.02.049, and YK versions prior to YK.02.049",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1896"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "BID",
"id": "82117"
},
{
"db": "VULHUB",
"id": "VHN-90715"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1896",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-00801",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201601-647",
"trust": 0.6
},
{
"db": "BID",
"id": "82117",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-90715",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "VULHUB",
"id": "VHN-90715"
},
{
"db": "BID",
"id": "82117"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-647"
},
{
"db": "NVD",
"id": "CVE-2016-1896"
}
]
},
"id": "VAR-201601-0529",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "VULHUB",
"id": "VHN-90715"
}
],
"trust": 1.5
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
}
]
},
"last_update_date": "2024-11-23T22:22:47.355000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "TE745",
"trust": 0.8,
"url": "http://support.lexmark.com/index?page=content\u0026id=TE745"
},
{
"title": "Lexmark printer competition conditional vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/71102"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
},
{
"problemtype": "CWE-254",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90715"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"db": "NVD",
"id": "CVE-2016-1896"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://support.lexmark.com/index?page=content\u0026id=te745"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1896"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1896"
},
{
"trust": 0.7,
"url": "http://support.lexmark.com/index?page=content\u0026amp;id=te745"
},
{
"trust": 0.3,
"url": "http://www.lexmark.com/"
},
{
"trust": 0.3,
"url": "http://support.lexmark.com/index?page=content\u0026id=te745\u0026locale=en\u0026userlocale=en_us"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "VULHUB",
"id": "VHN-90715"
},
{
"db": "BID",
"id": "82117"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-647"
},
{
"db": "NVD",
"id": "CVE-2016-1896"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "VULHUB",
"id": "VHN-90715"
},
{
"db": "BID",
"id": "82117"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-647"
},
{
"db": "NVD",
"id": "CVE-2016-1896"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"date": "2016-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-90715"
},
{
"date": "2016-01-25T00:00:00",
"db": "BID",
"id": "82117"
},
{
"date": "2016-02-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"date": "2016-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-647"
},
{
"date": "2016-01-27T05:59:04.307000",
"db": "NVD",
"id": "CVE-2016-1896"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"date": "2016-02-01T00:00:00",
"db": "VULHUB",
"id": "VHN-90715"
},
{
"date": "2016-01-25T00:00:00",
"db": "BID",
"id": "82117"
},
{
"date": "2016-02-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"date": "2016-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-647"
},
{
"date": "2024-11-21T02:47:16.937000",
"db": "NVD",
"id": "CVE-2016-1896"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-647"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lexmark Vulnerability that bypasses authentication in printer firmware initialization process",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-647"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.