CVE-2018-15520 - Vulnerability Details

Various Lexmark devices have a Buffer Overflow (issue 2 of 2).

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00543.

Key SSVC decision points have not yet been added.

Vendors	Products
Lexmark Subscribe	Cx421 Subscribe Cx421 Firmware Subscribe Cx522 Subscribe Cx522 Firmware Subscribe Cx62x Subscribe Cx62x Firmware Subscribe Cx72x Subscribe Cx72x Firmware Subscribe Cx82x Subscribe Cx82x Firmware Subscribe Cx860 Subscribe Cx860 Firmware Subscribe Cx92x Subscribe Cx92x Firmware Subscribe Mb2338 Subscribe Mb2338 Firmware Subscribe Mb2442 Subscribe Mb2442 Firmware Subscribe Mb2546 Subscribe Mb2546 Firmware Subscribe Mb2650 Subscribe Mb2650 Firmware Subscribe Mb2770 Subscribe Mb2770 Firmware Subscribe Mc2325 Subscribe Mc2325 Firmware Subscribe Mc2425 Subscribe Mc2425 Firmware Subscribe Mc2535 Subscribe Mc2535 Firmware Subscribe Mc2640 Subscribe Mc2640 Firmware Subscribe Mx321 Subscribe Mx321 Firmware Subscribe Mx42x Subscribe Mx42x Firmware Subscribe Mx52x Subscribe Mx52x Firmware Subscribe Mx622 Subscribe Mx622 Firmware Subscribe Mx72x Subscribe Mx72x Firmware Subscribe Mx82x Subscribe Mx82x Firmware Subscribe Xc2235 Subscribe Xc2235 Firmware Subscribe Xc41x0 Subscribe Xc41x0 Firmware Subscribe Xc4240 Subscribe Xc4240 Firmware Subscribe Xc6152 Subscribe Xc6152 Firmware Subscribe Xc8155 Subscribe Xc8155 Firmware Subscribe Xc8160 Subscribe Xc8160 Firmware Subscribe Xc92x5 Subscribe Xc92x5 Firmware Subscribe Xm124x Subscribe Xm124x Firmware Subscribe Xm3250 Subscribe Xm3250 Firmware Subscribe Xm5370 Subscribe Xm5370 Firmware Subscribe Xm7355 Subscribe Xm7355 Firmware Subscribe Xm7370 Subscribe Xm7370 Firmware Subscribe

Configuration 1 [-]

AND

OR	cpe:2.3:o:lexmark:cx82x_firmware::::::::
	cpe:2.3:o:lexmark:cx82x_firmware::::::::

cpe:2.3:h:lexmark:cx82x:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:lexmark:cx860_firmware::::::::
	cpe:2.3:o:lexmark:cx860_firmware::::::::

cpe:2.3:h:lexmark:cx860:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

OR	cpe:2.3:o:lexmark:xc6152_firmware::::::::
	cpe:2.3:o:lexmark:xc6152_firmware::::::::

cpe:2.3:h:lexmark:xc6152:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

OR	cpe:2.3:o:lexmark:xc8155_firmware::::::::
	cpe:2.3:o:lexmark:xc8155_firmware::::::::

cpe:2.3:h:lexmark:xc8155:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

OR	cpe:2.3:o:lexmark:xc8160_firmware::::::::
	cpe:2.3:o:lexmark:xc8160_firmware::::::::

cpe:2.3:h:lexmark:xc8160:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

OR	cpe:2.3:o:lexmark:cx72x_firmware::::::::
	cpe:2.3:o:lexmark:cx72x_firmware::::::::

cpe:2.3:h:lexmark:cx72x:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

OR	cpe:2.3:o:lexmark:xc41x0_firmware::::::::
	cpe:2.3:o:lexmark:xc41x0_firmware::::::::

cpe:2.3:h:lexmark:xc41x0:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

OR	cpe:2.3:o:lexmark:cx92x_firmware::::::::
	cpe:2.3:o:lexmark:cx92x_firmware::::::::

cpe:2.3:h:lexmark:cx92x:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

OR	cpe:2.3:o:lexmark:xc92x5_firmware::::::::
	cpe:2.3:o:lexmark:xc92x5_firmware::::::::

cpe:2.3:h:lexmark:xc92x5:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

OR	cpe:2.3:o:lexmark:mx321_firmware::::::::
	cpe:2.3:o:lexmark:mx321_firmware::::::::

cpe:2.3:h:lexmark:mx321:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

OR	cpe:2.3:o:lexmark:mb2338_firmware::::::::
	cpe:2.3:o:lexmark:mb2338_firmware::::::::

cpe:2.3:h:lexmark:mb2338:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

OR	cpe:2.3:o:lexmark:mx42x_firmware::::::::
	cpe:2.3:o:lexmark:mx42x_firmware::::::::

cpe:2.3:h:lexmark:mx42x:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

OR	cpe:2.3:o:lexmark:mx52x_firmware::::::::
	cpe:2.3:o:lexmark:mx52x_firmware::::::::

cpe:2.3:h:lexmark:mx52x:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

OR	cpe:2.3:o:lexmark:mx622_firmware::::::::
	cpe:2.3:o:lexmark:mx622_firmware::::::::

cpe:2.3:h:lexmark:mx622:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

OR	cpe:2.3:o:lexmark:mb2442_firmware::::::::
	cpe:2.3:o:lexmark:mb2442_firmware::::::::

cpe:2.3:h:lexmark:mb2442:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

OR	cpe:2.3:o:lexmark:mb2546_firmware::::::::
	cpe:2.3:o:lexmark:mb2546_firmware::::::::

cpe:2.3:h:lexmark:mb2546:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

OR	cpe:2.3:o:lexmark:mb2650_firmware::::::::
	cpe:2.3:o:lexmark:mb2650_firmware::::::::

cpe:2.3:h:lexmark:mb2650:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

OR	cpe:2.3:o:lexmark:xm124x_firmware::::::::
	cpe:2.3:o:lexmark:xm124x_firmware::::::::

cpe:2.3:h:lexmark:xm124x:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

OR	cpe:2.3:o:lexmark:xm3250_firmware::::::::
	cpe:2.3:o:lexmark:xm3250_firmware::::::::

cpe:2.3:h:lexmark:xm3250:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

OR	cpe:2.3:o:lexmark:mx72x_firmware::::::::
	cpe:2.3:o:lexmark:mx72x_firmware::::::::

cpe:2.3:h:lexmark:mx72x:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

OR	cpe:2.3:o:lexmark:mx82x_firmware::::::::
	cpe:2.3:o:lexmark:mx82x_firmware::::::::

cpe:2.3:h:lexmark:mx82x:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

OR	cpe:2.3:o:lexmark:mb2770_firmware::::::::
	cpe:2.3:o:lexmark:mb2770_firmware::::::::

cpe:2.3:h:lexmark:mb2770:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

OR	cpe:2.3:o:lexmark:xm5370_firmware::::::::
	cpe:2.3:o:lexmark:xm5370_firmware::::::::

cpe:2.3:h:lexmark:xm5370:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

OR	cpe:2.3:o:lexmark:xm7355_firmware::::::::
	cpe:2.3:o:lexmark:xm7355_firmware::::::::

cpe:2.3:h:lexmark:xm7355:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

OR	cpe:2.3:o:lexmark:xm7370_firmware::::::::
	cpe:2.3:o:lexmark:xm7370_firmware::::::::

cpe:2.3:h:lexmark:xm7370:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

OR	cpe:2.3:o:lexmark:cx421_firmware::::::::
	cpe:2.3:o:lexmark:cx421_firmware::::::::

cpe:2.3:h:lexmark:cx421:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

OR	cpe:2.3:o:lexmark:mc2325_firmware::::::::
	cpe:2.3:o:lexmark:mc2325_firmware::::::::

cpe:2.3:h:lexmark:mc2325:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

OR	cpe:2.3:o:lexmark:mc2425_firmware::::::::
	cpe:2.3:o:lexmark:mc2425_firmware::::::::

cpe:2.3:h:lexmark:mc2425:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

OR	cpe:2.3:o:lexmark:cx522_firmware::::::::
	cpe:2.3:o:lexmark:cx522_firmware::::::::

cpe:2.3:h:lexmark:cx522:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

OR	cpe:2.3:o:lexmark:cx62x_firmware::::::::
	cpe:2.3:o:lexmark:cx62x_firmware::::::::

cpe:2.3:h:lexmark:cx62x:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

OR	cpe:2.3:o:lexmark:mc2535_firmware::::::::
	cpe:2.3:o:lexmark:mc2535_firmware::::::::

cpe:2.3:h:lexmark:mc2535:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

OR	cpe:2.3:o:lexmark:mc2640_firmware::::::::
	cpe:2.3:o:lexmark:mc2640_firmware::::::::

cpe:2.3:h:lexmark:mc2640:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

OR	cpe:2.3:o:lexmark:xc2235_firmware::::::::
	cpe:2.3:o:lexmark:xc2235_firmware::::::::

cpe:2.3:h:lexmark:xc2235:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

OR	cpe:2.3:o:lexmark:xc4240_firmware::::::::
	cpe:2.3:o:lexmark:xc4240_firmware::::::::

cpe:2.3:h:lexmark:xc4240:-:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2018-7397	Various Lexmark devices have a Buffer Overflow (issue 2 of 2).

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://support.lexmark.com/index?page=content&id=TE892

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-06-28T15:25:12

Updated: 2024-08-05T09:54:03.766Z

Reserved: 2018-08-18T00:00:00

Link: CVE-2018-15520

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-06-28T16:15:09.463

Modified: 2024-11-21T03:51:00.073

Link: CVE-2018-15520

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-119

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Projects

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object