var-201908-0058
Vulnerability from variot
Various Lexmark products have Incorrect Access Control (issue 1 of 2). Lexmark CS31x and others are all printers from Lexmark. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles. The following products and versions are affected: CS31x with firmware LW71.VYL.P229 and earlier; CS41x with firmware LW71.VY2.P229 and earlier; CX310 with firmware LW71.GM2.P229 and earlier; MS310 with .P229 and earlier firmware; MS312 with LW71.GM2.P229 and earlier firmware; MS317 with LW71.GM2.P229 and earlier firmware; MS410 with LW71.PRL.P229 and earlier firmware; M1140 with firmware version .PRL.P229 and earlier; MS315 with firmware version LW71.TL2.P229 and earlier; MS415 with firmware version LW71.TL2.P229 and earlier; MS417 with firmware version LW71.TL2.P229 and earlier; MX31x with firmware LW71.SB2.P229 and earlier; XM1135 with firmware LW71.SB2.P229 and earlier; MS51x with firmware LW71.PR2.P229 and earlier; firmware with LW71.PR2.P229 and earlier MS610dn; MS617 using LW71.PR2.P229 and earlier firmware; M1145 using LW71.PR2.P229 and earlier firmware; M3150dn using LW71.PR2.P229 and earlier firmware; using LW71.DN2.P229 and earlier MS71x with firmware LW71.DN2.P229 and earlier; M5163dn with firmware LW71.DN2.P229 and earlier; MS810 with firmware LW71.DN2.P229 and earlier; MS811 with firmware LW71.DN2.P229 and earlier; MS812 with previous version firmware; MS817 with LW71.DN2.P229 and previous version firmware; MS818 with LW71.DN2.P229 and previous version firmware
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201908-0058",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "m3150dn",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.pr2.p229"
},
{
"model": "m5163dn",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.dn2.p229"
},
{
"model": "ms617",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.pr2.p229"
},
{
"model": "ms818",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.dn2.p229"
},
{
"model": "ms310",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.prl.p229"
},
{
"model": "cx310",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.gm2.p229"
},
{
"model": "ms71x",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.dn2.p229"
},
{
"model": "m1145",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.pr2.p229"
},
{
"model": "xm1135",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.sb2.p229"
},
{
"model": "m1140",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.prl.p229"
},
{
"model": "ms810",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.dn2.p229"
},
{
"model": "ms811",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.dn2.p229"
},
{
"model": "ms415",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.tl2.p229"
},
{
"model": "ms312",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.prl.p229"
},
{
"model": "ms51x",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.pr2.p229"
},
{
"model": "ms610dn",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.pr2.p229"
},
{
"model": "ms817",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.dn2.p229"
},
{
"model": "cs41x",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.vy2.p229"
},
{
"model": "cs31x",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.vyl.p229"
},
{
"model": "ms315",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.tl2.p229"
},
{
"model": "ms417",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.tl2.p229"
},
{
"model": "ms812",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.dn2.p229"
},
{
"model": "mx31x",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.sb2.p229"
},
{
"model": "ms410",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.prl.p229"
},
{
"model": "ms317",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "lw71.prl.p229"
},
{
"model": "cs31x",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cs41x",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx310",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "ms1140",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "ms310",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "ms312",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "ms315",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "ms317",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "ms410",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "ms415",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008489"
},
{
"db": "NVD",
"id": "CVE-2019-9934"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:lexmark:cs31x_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:lexmark:cs41x_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:lexmark:cx310_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:lexmark:m1140_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:lexmark:ms310_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:lexmark:ms312_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:lexmark:ms315_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:lexmark:ms317_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:lexmark:ms410_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:lexmark:ms415_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008489"
}
]
},
"cve": "CVE-2019-9934",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-9934",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-161369",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2019-9934",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-9934",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-9934",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-2140",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-161369",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161369"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008489"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2140"
},
{
"db": "NVD",
"id": "CVE-2019-9934"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Various Lexmark products have Incorrect Access Control (issue 1 of 2). Lexmark CS31x and others are all printers from Lexmark. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles. The following products and versions are affected: CS31x with firmware LW71.VYL.P229 and earlier; CS41x with firmware LW71.VY2.P229 and earlier; CX310 with firmware LW71.GM2.P229 and earlier; MS310 with .P229 and earlier firmware; MS312 with LW71.GM2.P229 and earlier firmware; MS317 with LW71.GM2.P229 and earlier firmware; MS410 with LW71.PRL.P229 and earlier firmware; M1140 with firmware version .PRL.P229 and earlier; MS315 with firmware version LW71.TL2.P229 and earlier; MS415 with firmware version LW71.TL2.P229 and earlier; MS417 with firmware version LW71.TL2.P229 and earlier; MX31x with firmware LW71.SB2.P229 and earlier; XM1135 with firmware LW71.SB2.P229 and earlier; MS51x with firmware LW71.PR2.P229 and earlier; firmware with LW71.PR2.P229 and earlier MS610dn; MS617 using LW71.PR2.P229 and earlier firmware; M1145 using LW71.PR2.P229 and earlier firmware; M3150dn using LW71.PR2.P229 and earlier firmware; using LW71.DN2.P229 and earlier MS71x with firmware LW71.DN2.P229 and earlier; M5163dn with firmware LW71.DN2.P229 and earlier; MS810 with firmware LW71.DN2.P229 and earlier; MS811 with firmware LW71.DN2.P229 and earlier; MS812 with previous version firmware; MS817 with LW71.DN2.P229 and previous version firmware; MS818 with LW71.DN2.P229 and previous version firmware",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9934"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008489"
},
{
"db": "VULHUB",
"id": "VHN-161369"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-9934",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008489",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2140",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-161369",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161369"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008489"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2140"
},
{
"db": "NVD",
"id": "CVE-2019-9934"
}
]
},
"id": "VAR-201908-0058",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-161369"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:37:03.451000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "TE924",
"trust": 0.8,
"url": "http://support.lexmark.com/index?page=content\u0026id=TE924\u0026locale=en\u0026userlocale=EN_US"
},
{
"title": "Multiple Lexmark Product access control error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97628"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008489"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2140"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.1
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161369"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008489"
},
{
"db": "NVD",
"id": "CVE-2019-9934"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://support.lexmark.com/index?page=content\u0026id=te924\u0026locale=en\u0026userlocale=en_us"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9934"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9934"
},
{
"trust": 0.1,
"url": "http://support.lexmark.com/index?page=content\u0026amp;id=te924\u0026amp;locale=en\u0026amp;userlocale=en_us"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161369"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008489"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2140"
},
{
"db": "NVD",
"id": "CVE-2019-9934"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-161369"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008489"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-2140"
},
{
"db": "NVD",
"id": "CVE-2019-9934"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-28T00:00:00",
"db": "VULHUB",
"id": "VHN-161369"
},
{
"date": "2019-09-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008489"
},
{
"date": "2019-08-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-2140"
},
{
"date": "2019-08-28T16:15:11.953000",
"db": "NVD",
"id": "CVE-2019-9934"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-161369"
},
{
"date": "2019-09-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008489"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-2140"
},
{
"date": "2024-11-21T04:52:37.427000",
"db": "NVD",
"id": "CVE-2019-9934"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-2140"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Lexmark Access control vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008489"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-2140"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.