CVE-2023-3486 - OpenCVE

An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker to upload arbitrary files to the PaperCut NG host’s file storage. This could exhaust system resources and prevent the service from operating as expected.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Papercut	Papercut Mf Papercut Ng

Configuration 1 [-]

OR	cpe:2.3:a:papercut:papercut_mf::::::::
	cpe:2.3:a:papercut:papercut_ng::::::::

No data.

References

Link	Providers
https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/
https://www.tenable.com/security/research/tra-2023-23

History

No history.

MITRE

Status: PUBLISHED

Assigner: tenable

Published: 2023-07-25T12:50:42.477Z

Updated: 2024-08-02T06:55:03.589Z

Reserved: 2023-06-30T18:26:50.920Z

Link: CVE-2023-3486

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-07-25T13:15:10.330

Modified: 2023-07-31T18:01:04.267

Link: CVE-2023-3486

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-3486", "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "state": "PUBLISHED", "assignerShortName": "tenable", "dateReserved": "2023-06-30T18:26:50.920Z", "datePublished": "2023-07-25T12:50:42.477Z", "dateUpdated": "2024-08-02T06:55:03.589Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "PaperCut NG", "vendor": "PaperCut", "versions": [{"lessThan": "22.1.3", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2023-07-25T12:51:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: transparent;\">An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker to upload arbitrary files to the PaperCut NG host\u2019s file storage. This could exhaust system resources and prevent the service from operating as expected.</span><br>"}], "value": "An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker to upload arbitrary files to the PaperCut NG host\u2019s file storage. This could exhaust system resources and prevent the service from operating as expected.\n"}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable", "dateUpdated": "2023-07-26T13:35:28.378Z"}, "references": [{"url": "https://www.tenable.com/security/research/tra-2023-23"}, {"url": "https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/"}], "source": {"discovery": "UNKNOWN"}, "title": "PaperCut NG Unauthenticated File Upload", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:55:03.589Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.tenable.com/security/research/tra-2023-23", "tags": ["x_transferred"]}, {"url": "https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D1E7B69-F906-49B6-A5AE-BC95E528AB81", "versionEndExcluding": "22.1.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE9EEC66-6455-4B4E-879D-7109E6E16199", "versionEndExcluding": "22.1.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker to upload arbitrary files to the PaperCut NG host\u2019s file storage. This could exhaust system resources and prevent the service from operating as expected.\n"}, {"lang": "es", "value": "Existe una omisi\u00f3n de autenticaci\u00f3n en las versiones 22.0.12 y anteriores de PaperCut NG que podr\u00eda permitir a un atacante no remoto no autenticado cargar archivos arbitrarios en el almacenamiento del host de PaperCut NG. Esto podr\u00eda agotar los recursos del sistema e impedir que el servicio funcione como se espera. "}], "id": "CVE-2023-3486", "lastModified": "2023-07-31T18:01:04.267", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "vulnreport@tenable.com", "type": "Secondary"}]}, "published": "2023-07-25T13:15:10.330", "references": [{"source": "vulnreport@tenable.com", "tags": ["Vendor Advisory"], "url": "https://www.papercut.com/kb/Main/SecurityBulletinJuly2023/"}, {"source": "vulnreport@tenable.com", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/research/tra-2023-23"}], "sourceIdentifier": "vulnreport@tenable.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-434"}], "source": "vulnreport@tenable.com", "type": "Secondary"}]}