CVE-2018-15519 - Vulnerability Details

Description

Various Lexmark devices have a Buffer Overflow (issue 1 of 2).

Published: 2019-06-28

Score: 9.8 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:lexmark:cx310_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:cx310:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:lexmark:cx410_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:cx410:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:lexmark:cx510_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:cx510:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:lexmark:xc2132_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:xc2132:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:lexmark:mx31x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:mx31x:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:lexmark:mx41x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:mx41x:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:lexmark:mx51x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:mx51x:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:lexmark:xm1145_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:xm1145:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:lexmark:mx61x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:mx61x:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:lexmark:xm3150_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:xm3150:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:lexmark:mx71x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:mx71x:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:lexmark:mx81x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:mx81x:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:lexmark:xm51xx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:xm51xx:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:lexmark:xm71xx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:xm71xx:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:lexmark:mx91x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:mx91x:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:lexmark:xm91x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:xm91x:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:lexmark:mx6500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:mx6500:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:lexmark:x54x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:x54x:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:lexmark:xs54x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:xs54x:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:lexmark:x74x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:x74x:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:lexmark:xs74x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:xs74x:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:lexmark:x79x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:x79x:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:lexmark:xs79x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:xs79x:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:lexmark:x92x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:x92x:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:lexmark:xs92x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:xs92x:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:lexmark:x95x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:x95x:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:lexmark:xs95x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:xs95x:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:lexmark:6500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:6500:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:lexmark:x46x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:x46x:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:lexmark:x65x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:x65x:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:lexmark:x73x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:x73x:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:lexmark:x86x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:x86x:-:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2018-7396	Various Lexmark devices have a Buffer Overflow (issue 1 of 2).

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00543.

Key SSVC decision points have not yet been added.

References

Link	Providers
http://support.lexmark.com/index?page=content&id=TE892

History

No history.

Subscriptions

Lexmark 6500 6500 Firmware Cx310 Cx310 Firmware Cx410 Cx410 Firmware Cx510 Cx510 Firmware Mx31x Mx31x Firmware Mx41x Mx41x Firmware Mx51x Mx51x Firmware Mx61x Mx61x Firmware Mx6500 Mx6500 Firmware Mx71x Mx71x Firmware Mx81x Mx81x Firmware Mx91x Mx91x Firmware X46x X46x Firmware X54x X54x Firmware X65x X65x Firmware X73x X73x Firmware X74x X74x Firmware X79x X79x Firmware X86x X86x Firmware X92x X92x Firmware X95x X95x Firmware Xc2132 Xc2132 Firmware Xm1145 Xm1145 Firmware Xm3150 Xm3150 Firmware Xm51xx Xm51xx Firmware Xm71xx Xm71xx Firmware Xm91x Xm91x Firmware Xs54x Xs54x Firmware Xs74x Xs74x Firmware Xs79x Xs79x Firmware Xs92x Xs92x Firmware Xs95x Xs95x Firmware

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-06-28T16:12:24.000Z

Updated: 2024-08-05T09:54:03.622Z

Reserved: 2018-08-18T00:00:00.000Z

Link: CVE-2018-15519

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-06-28T17:15:11.087

Modified: 2024-11-21T03:50:59.900

Link: CVE-2018-15519

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-119

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object