{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-04-11T00:00:00", "descriptions": [{"lang": "en", "value": "On certain Brother devices, authorization is mishandled by including a valid AuthCookie cookie in the HTTP response to a failed login attempt. Affected models are: MFC-J6973CDW MFC-J4420DW MFC-8710DW MFC-J4620DW MFC-L8850CDW MFC-J3720 MFC-J6520DW MFC-L2740DW MFC-J5910DW MFC-J6920DW MFC-L2700DW MFC-9130CW MFC-9330CDW MFC-9340CDW MFC-J5620DW MFC-J6720DW MFC-L8600CDW MFC-L9550CDW MFC-L2720DW DCP-L2540DW DCP-L2520DW HL-3140CW HL-3170CDW HL-3180CDW HL-L8350CDW HL-L2380DW ADS-2500W ADS-1000W ADS-1500W."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-15T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "41863", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/41863/"}, {"tags": ["x_refsource_MISC"], "url": "https://cxsecurity.com/blad/WLB-2017040064"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-7588", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "On certain Brother devices, authorization is mishandled by including a valid AuthCookie cookie in the HTTP response to a failed login attempt. Affected models are: MFC-J6973CDW MFC-J4420DW MFC-8710DW MFC-J4620DW MFC-L8850CDW MFC-J3720 MFC-J6520DW MFC-L2740DW MFC-J5910DW MFC-J6920DW MFC-L2700DW MFC-9130CW MFC-9330CDW MFC-9340CDW MFC-J5620DW MFC-J6720DW MFC-L8600CDW MFC-L9550CDW MFC-L2720DW DCP-L2540DW DCP-L2520DW HL-3140CW HL-3170CDW HL-3180CDW HL-L8350CDW HL-L2380DW ADS-2500W ADS-1000W ADS-1500W."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "41863", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/41863/"}, {"name": "https://cxsecurity.com/blad/WLB-2017040064", "refsource": "MISC", "url": "https://cxsecurity.com/blad/WLB-2017040064"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T16:04:12.048Z"}, "title": "CVE Program Container", "references": [{"name": "41863", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/41863/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cxsecurity.com/blad/WLB-2017040064"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-7588", "datePublished": "2017-04-12T10:00:00", "dateReserved": "2017-04-08T00:00:00", "dateUpdated": "2024-08-05T16:04:12.048Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:brother:mfc_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E75786C-418A-4C7D-9516-5328931391B9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:brother:mfc-8710dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "063EFDCB-ACA5-48CC-8ACB-B4C35AE82DE5", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-9130cw:-:*:*:*:*:*:*:*", "matchCriteriaId": "620943CE-02CE-490D-9D92-6A46F591A002", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-9330cdw:-:*:*:*:*:*:*:*", "matchCriteriaId": "6F94C339-B174-4F36-AAC4-6F7B676E0A54", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-9340cdw:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8096B8B-E830-4008-B970-11F7F86531DC", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-j3720:-:*:*:*:*:*:*:*", "matchCriteriaId": "1E30AFC7-51C8-4C89-81BD-5BE8E10FB789", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-j4420dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "2EB4E3BE-698A-47D6-A4F4-B9CAA371ADCF", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-j4620dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE4FF760-1267-4281-B1D0-80BBAFED9CDD", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-j5620dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F34C514-2738-4206-8B23-2AC7EB0E900B", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-j5910dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "FFB8BFDB-0796-455F-8F0A-42A5885C1404", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-j6520dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "5A349B90-B721-42FE-B136-726093F8FCD9", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-j6720dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0358966-552E-47B8-AAA9-8922609625E2", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-j6920dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "66C3D9CC-7C78-4171-95D7-7FD4CD6F0387", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-j6973cdw:-:*:*:*:*:*:*:*", "matchCriteriaId": "ECA24CE5-445C-4980-B46A-B7715810BC7F", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-l2700dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "36099941-3EBD-44B5-8452-093EF433642E", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-l2720dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "C3B00252-5D1C-4922-A223-92958F945DB8", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-l2740dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "6079C730-2332-429C-9833-BEB7081D2C92", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-l8600cdw:-:*:*:*:*:*:*:*", "matchCriteriaId": "6DD70CBD-FF0C-4987-90B3-357F1F6D60A2", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-l8850cdw:-:*:*:*:*:*:*:*", "matchCriteriaId": "EDCBA36B-4BE4-4C0D-ABDE-76A2A7B8E9FA", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:mfc-l9550cdw:-:*:*:*:*:*:*:*", "matchCriteriaId": "39596AFD-DA7E-4DED-B132-888CD804F44F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:brother:dcp_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B17165B-7D42-4DF0-9C26-638C37904476", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:brother:dcp-l2520dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "0445551D-01CA-435B-B4F4-79022C18237F", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:dcp-l2540dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "207F0E9F-29B1-4AEC-B0F1-14424060D61D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:brother:ads_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0D9D4CB-E9E8-47C3-9826-1D2F976F864F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:brother:ads-1000w:-:*:*:*:*:*:*:*", "matchCriteriaId": "7F2240DC-9A63-49EA-9BC6-C12111839753", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:ads-1500w:-:*:*:*:*:*:*:*", "matchCriteriaId": "4064DB43-1CD0-4149-85EC-AFD7B1CD062B", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:ads-2500w:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CD13640-29B4-4784-9A61-3922ECB6E0FA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:brother:hl_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9B89B169-2D03-499C-9022-656124B5E8D8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:brother:hl-3140cw:-:*:*:*:*:*:*:*", "matchCriteriaId": "A36ADEE6-20CB-42AA-9E2F-F349DACAD75A", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:hl-3170cdw:-:*:*:*:*:*:*:*", "matchCriteriaId": "3BD6C1B8-1FAF-4A20-BDEA-B0377295DDDD", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:hl-3180cdw:-:*:*:*:*:*:*:*", "matchCriteriaId": "AB5A15D7-1C22-4C7C-927D-58A5451F6511", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:hl-l2380dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "FF710C62-026C-4DA1-AD1E-AB95EC2BA9B7", "vulnerable": false}, {"criteria": "cpe:2.3:h:brother:hl-l8350cdw:-:*:*:*:*:*:*:*", "matchCriteriaId": "024B4793-D380-4C28-8C83-0F37F3F5A0D1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "On certain Brother devices, authorization is mishandled by including a valid AuthCookie cookie in the HTTP response to a failed login attempt. Affected models are: MFC-J6973CDW MFC-J4420DW MFC-8710DW MFC-J4620DW MFC-L8850CDW MFC-J3720 MFC-J6520DW MFC-L2740DW MFC-J5910DW MFC-J6920DW MFC-L2700DW MFC-9130CW MFC-9330CDW MFC-9340CDW MFC-J5620DW MFC-J6720DW MFC-L8600CDW MFC-L9550CDW MFC-L2720DW DCP-L2540DW DCP-L2520DW HL-3140CW HL-3170CDW HL-3180CDW HL-L8350CDW HL-L2380DW ADS-2500W ADS-1000W ADS-1500W."}, {"lang": "es", "value": "En ciertos dispositivos Brother, autorizaci\u00f3n es mal manejada incluyendo una cookie v\u00e1lida AuthCookie en la respuesta HTTP para un intento fallido de inicio de sesi\u00f3n. Modelos afectados son: MFC-J6973CDW MFC-J4420DW MFC-8710DW MFC-J4620DW MFC-L8850CDW MFC-J3720 MFC-J6520DW MFC-L2740DW MFC-J5910DW MFC-J6920DW MFC-L2700DW MFC-9130CW MFC-9330CDW MFC-9340CDW MFC-J5620DW MFC-J6720DW MFC-L8600CDW MFC-L9550CDW MFC-L2720DW DCP-L2540DW DCP-L2520DW HL-3140CW HL-3170CDW HL-3180CDW HL-L8350CDW HL-L2380DW ADS-2500W ADS-1000W ADS-1500W."}], "id": "CVE-2017-7588", "lastModified": "2024-11-21T03:32:13.360", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-04-12T10:59:00.337", "references": [{"source": "cve@mitre.org", "url": "https://cxsecurity.com/blad/WLB-2017040064"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/41863/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://cxsecurity.com/blad/WLB-2017040064"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/41863/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}