Description
Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80.*.P246, i.e., '*' indicates that the full version specification varies across product model family, but firmware level P246 (or higher) is required to remediate the vulnerability.
Published: 2023-09-01
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2023-44836 Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80.*.P246, i.e., '*' indicates that the full version specification varies across product model family, but firmware level P246 (or higher) is required to remediate the vulnerability.
History

Tue, 01 Oct 2024 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Subscriptions

Lexmark C2132 C2132 Firmware Cs310 Cs310 Firmware Cs317 Cs317 Firmware Cs410 Cs410 Firmware Cs417 Cs417 Firmware Cs510 Cs510 Firmware Cs517 Cs517 Firmware Cx310 Cx310 Firmware Cx317 Cx317 Firmware Cx410 Cx410 Firmware Cx417 Cx417 Firmware Cx510 Cx510 Firmware Cx517 Cx517 Firmware M1140 M1140\+ M1140\+ Firmware M1140 Firmware M1145 M1145 Firmware M3150de M3150de Firmware M3150dn M3150dn Firmware M5155 M5155 Firmware M5163de M5163de Firmware M5163dn M5163dn Firmware M5170 M5170 Firmware Ms310 Ms310 Firmware Ms312 Ms312 Firmware Ms315 Ms315 Firmware Ms317 Ms317 Firmware Ms410 Ms410 Firmware Ms415 Ms415 Firmware Ms417 Ms417 Firmware Ms510 Ms510 Firmware Ms517 Ms517 Firmware Ms610de Ms610de Firmware Ms610dn Ms610dn Firmware Ms617 Ms617 Firmware Ms710 Ms710 Firmware Ms711 Ms711 Firmware Ms810de Ms810de Firmware Ms810dn Ms810dn Firmware Ms811 Ms811 Firmware Ms812de Ms812de Firmware Ms812dn Ms812dn Firmware Ms817 Ms817 Firmware Ms818 Ms818 Firmware Ms911 Ms911 Firmware Mx310 Mx310 Firmware Mx317 Mx317 Firmware Mx410 Mx410 Firmware Mx417 Mx417 Firmware Mx510 Mx510 Firmware Mx511 Mx511 Firmware Mx517 Mx517 Firmware Mx610 Mx610 Firmware Mx611 Mx611 Firmware Mx617 Mx617 Firmware Mx710 Mx710 Firmware Mx711 Mx711 Firmware Mx717 Mx717 Firmware Mx718 Mx718 Firmware Mx810 Mx810 Firmware Mx811 Mx811 Firmware Mx812 Mx812 Firmware Mx910 Mx910 Firmware Mx911 Mx911 Firmware Mx912 Mx912 Firmware Xc2130 Xc2130 Firmware Xc2132 Xc2132 Firmware Xm1135 Xm1135 Firmware Xm1140 Xm1140 Firmware Xm1145 Xm1145 Firmware Xm3150 Xm3150 Firmware Xm5163 Xm5163 Firmware Xm5170 Xm5170 Firmware Xm5263 Xm5263 Firmware Xm5270 Xm5270 Firmware Xm7155 Xm7155 Firmware Xm7163 Xm7163 Firmware Xm7170 Xm7170 Firmware Xm7263 Xm7263 Firmware Xm7270 Xm7270 Firmware Xm9145 Xm9145 Firmware Xm9155 Xm9155 Firmware Xm9165 Xm9165 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-10-01T14:26:17.023Z

Reserved: 2023-08-11T00:00:00.000Z

Link: CVE-2023-40239

cve-icon Vulnrichment

Updated: 2024-08-02T18:24:55.807Z

cve-icon NVD

Status : Modified

Published: 2023-09-01T11:15:42.657

Modified: 2024-11-21T08:19:03.160

Link: CVE-2023-40239

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses