National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2013-6032 Detail

Description

cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and X646 before LC2.MC.P374, X642 through LC2.MB.P318, W840 through LS.HA.P252, T64x before LS.ST.P344, X64xef through LC2.TI.P325, C935dn through LC.JO.P091, C920 through LS.TA.P152, C78x through LC.IO.P187, X78x through LC2.IO.P335, C77x through LC.CM.P052, X772 through LC2.TR.P291, C53x through LS.SW.P069, C52x through LS.FA.P150, 25xxN through LCL.CU.P114, N4000 through LC.MD.P119, N4050e through GO.GO.N206, N70xxe through LC.CO.N309, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allows remote attackers to remove the Password Protect administrative password via the vac.255.GENPASSWORD parameter.

Source:  MITRE
Description Last Modified:  02/04/2014

Impact

CVSS v2.0 Severity and Metrics:

Base Score: 10.0 HIGH
Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C) (V2 legend)
Impact Subscore: 10.0
Exploitability Subscore: 10.0


Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (AU): None
Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Additional Information:
Allows unauthorized disclosure of information
Allows unauthorized modification
Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
http://support.lexmark.com/index?page=content&id=TE586
http://www.kb.cert.org/vuls/id/108062 US Government Resource

Technical Details

Vulnerability Type (View All)

Known Affected Software Configurations Switch to CPE 2.2

Configuration 1 ( hide )
 cpe:2.3:h:lexmark:25xxn:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
lcl.cu.p114
 cpe:2.3:h:lexmark:c52x:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
ls.fa.p150
 cpe:2.3:h:lexmark:c53x:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
ls.sw.p069
 cpe:2.3:h:lexmark:c77x:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
lc.cm.p052
 cpe:2.3:h:lexmark:c78x:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
lc.io.p187
 cpe:2.3:h:lexmark:c920:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
ls.ta.p152
 cpe:2.3:h:lexmark:c935dn:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
lc.jo.p091
 cpe:2.3:h:lexmark:e250:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
le.pm.p126
 cpe:2.3:h:lexmark:e350:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
le.ph.p129
 cpe:2.3:h:lexmark:e450:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
lm.sz.p124
 cpe:2.3:h:lexmark:n4000:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
lc.md.p119
 cpe:2.3:h:lexmark:n4050e:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
go.go.n206
 cpe:2.3:h:lexmark:n70xxe:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
lc.co.n309
 cpe:2.3:h:lexmark:t64x:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
ls.st.p343
 cpe:2.3:h:lexmark:w840:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
ls.ha.p252
 cpe:2.3:h:lexmark:x642:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
lc2.mb.p318
 cpe:2.3:h:lexmark:x644:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
lc4.be.p487
 cpe:2.3:h:lexmark:x646:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
lc2.mc.p373
 cpe:2.3:h:lexmark:x64xef:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
lc2.ti.p325
 cpe:2.3:h:lexmark:x772:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
lc2.tr.p291
 cpe:2.3:h:lexmark:x78x:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
lc2.io.p335
 cpe:2.3:h:lexmark:x85x:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
lc4.be.p487
 cpe:2.3:h:lexmark:x94x:*:*:*:*:*:*:*:*
     Show Matching CPE(s)
Up to (including)
lc.br.p141


Change History

1 change record found - show changes

Quick Info

CVE Dictionary Entry:
CVE-2013-6032
NVD Published Date:
02/04/2014
NVD Last Modified:
02/04/2014