CVE-2019-9934

nvd nist

Published: Aug 28, 2019Modified: Nov 21, 2024

5.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

Various Lexmark products have Incorrect Access Control (issue 1 of 2).

Affected (25)

Products: Lexmark: Cs31x Firmware, Cs41x Firmware, Cx310 Firmware, Ms310 Firmware, Ms312 Firmware, Ms317 Firmware, Ms410 Firmware, M1140 Firmware, Ms315 Firmware, Ms415 Firmware, Ms417 Firmware, Mx31x Firmware, Xm1135 Firmware, Ms51x Firmware, Ms610dn Firmware, Ms617 Firmware, M1145 Firmware, M3150dn Firmware, Ms71x Firmware, M5163dn Firmware, Ms810 Firmware, Ms811 Firmware, Ms812 Firmware, Ms817 Firmware, Ms818 Firmware

25 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Cs31x Firmware	Up to lw71.vyl.p229

Running on/with	Platform Versions
Lexmark Cs31x	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Cs41x Firmware	Up to lw71.vy2.p229

Running on/with	Platform Versions
Lexmark Cs41x	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Cx310 Firmware	Up to lw71.gm2.p229

Running on/with	Platform Versions
Lexmark Cx310	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms310 Firmware	Up to lw71.prl.p229

Running on/with	Platform Versions
Lexmark Ms310	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms312 Firmware	Up to lw71.prl.p229

Running on/with	Platform Versions
Lexmark Ms312	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms317 Firmware	Up to lw71.prl.p229

Running on/with	Platform Versions
Lexmark Ms317	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms410 Firmware	Up to lw71.prl.p229

Running on/with	Platform Versions
Lexmark Ms410	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark M1140 Firmware	Up to lw71.prl.p229

Running on/with	Platform Versions
Lexmark M1140	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms315 Firmware	Up to lw71.tl2.p229

Running on/with	Platform Versions
Lexmark Ms315	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms415 Firmware	Up to lw71.tl2.p229

Running on/with	Platform Versions
Lexmark Ms415	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms417 Firmware	Up to lw71.tl2.p229

Running on/with	Platform Versions
Lexmark Ms417	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Mx31x Firmware	Up to lw71.sb2.p229

Running on/with	Platform Versions
Lexmark Mx31x	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Xm1135 Firmware	Up to lw71.sb2.p229

Running on/with	Platform Versions
Lexmark Xm1135	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms51x Firmware	Up to lw71.pr2.p229

Running on/with	Platform Versions
Lexmark Ms51x	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms610dn Firmware	Up to lw71.pr2.p229

Running on/with	Platform Versions
Lexmark Ms610dn	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms617 Firmware	Up to lw71.pr2.p229

Running on/with	Platform Versions
Lexmark Ms617	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark M1145 Firmware	Up to lw71.pr2.p229

Running on/with	Platform Versions
Lexmark M1145	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark M3150dn Firmware	Up to lw71.pr2.p229

Running on/with	Platform Versions
Lexmark M3150dn	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms71x Firmware	Up to lw71.dn2.p229

Running on/with	Platform Versions
Lexmark Ms71x	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark M5163dn Firmware	Up to lw71.dn2.p229

Running on/with	Platform Versions
Lexmark M5163dn	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms810 Firmware	Up to lw71.dn2.p229

Running on/with	Platform Versions
Lexmark Ms810	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms811 Firmware	Up to lw71.dn2.p229

Running on/with	Platform Versions
Lexmark Ms811	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms812 Firmware	Up to lw71.dn2.p229

Running on/with	Platform Versions
Lexmark Ms812	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms817 Firmware	Up to lw71.dn2.p229

Running on/with	Platform Versions
Lexmark Ms817	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Lexmark Ms818 Firmware	Up to lw71.dn2.p229

Running on/with	Platform Versions
Lexmark Ms818	All versions

Related CWEs

CWE-306

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (2)

http://support.lexmark.com/index?page=content&id=TE924&locale=en&userlocale=EN_US

Source: cve@mitre.org

Vendor Advisory

http://support.lexmark.com/index?page=content&id=TE924&locale=en&userlocale=EN_US

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.