Lucene search

[email protected]NVD:CVE-2019-18791

HistoryFeb 13, 2020 - 4:15 p.m.

CVE-2019-18791

2020-02-1316:15:11

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON

Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser.

Affected configurations

Nvd

Node

lexmarkcx31x_firmwareRange≤lw73.vyl.p263

AND

lexmarkcx31xMatch-

Node

lexmarkcx41x_firmwareRange≤lw73.vy2.p263

AND

lexmarkcx41xMatch-

Node

lexmarkcx310_firmwareRange≤lw73.gm2.p263

AND

lexmarkcx310Match-

Node

lexmarkms310_firmwareRange≤lw73.prl.p263

AND

lexmarkms310Match-

Node

lexmarkms312_firmwareRange≤lw73.prl.p263

AND

lexmarkms312Match-

Node

lexmarkms317_firmwareRange≤lw73.prl.p263

AND

lexmarkms317Match-

Node

lexmarkms410_firmwareRange≤lw73.prl.p263

AND

lexmarkms410Match-

Node

lexmarkm1140_firmwareRange≤lw73.prl.p263

AND

lexmarkm1140Match-

Node

lexmarkms315_firmwareRange≤lw73.tl2.p263

AND

lexmarkms315Match-

Node

lexmarkms415_firmwareRange≤lw73.tl2.p263

AND

lexmarkms415Match-

Node

lexmarkms417_firmwareRange≤lw73.tl2.p263

AND

lexmarkms417Match-

Node

lexmarkms51x_firmwareRange≤lw73.pr2.p263

AND

lexmarkms51xMatch-

Node

lexmarkms610dn_firmwareRange≤lw73.pr2.p263

AND

lexmarkms610dnMatch-

Node

lexmarkms617_firmwareRange≤lw73.pr2.p263

AND

lexmarkms617Match-

Node

lexmarkm1145_firmwareRange≤lw73.pr2.p263

AND

lexmarkm1145Match-

Node

lexmarkm3150dn_firmwareRange≤lw73.pr2.p263

AND

lexmarkm3150dnMatch-

Node

lexmarkms71x_firmwareRange≤lw73.dn2.p263

AND

lexmarkms71xMatch-

Node

lexmarkm5163dn_firmwareRange≤lw73.dn2.p263

AND

lexmarkm5163dnMatch-

Node

lexmarkms810_firmwareRange≤lw73.dn2.p263

AND

lexmarkms810Match-

Node

lexmarkms811_firmwareRange≤lw73.dn2.p263

AND

lexmarkms811Match-

Node

lexmarkms812_firmwareRange≤lw73.dn2.p263

AND

lexmarkms812Match-

Node

lexmarkms817_firmwareRange≤lw73.dn2.p263

AND

lexmarkms817Match-

Node

lexmarkms818_firmwareRange≤lw73.dn2.p263

AND

lexmarkms818Match-

Node

lexmarkms810de_firmwareRange≤lw73.dn4.p263

AND

lexmarkms810deMatch-

Node

lexmarkm5155Match-

AND

lexmarkm5155_firmwareRange≤lw73.dn4.p263

Node

lexmarkm5163Match-

AND

lexmarkm5163_firmwareRange≤lw73.dn4.p263

Node

lexmarkms812deMatch-

AND

lexmarkms812de_firmwareRange≤lw73.dn7.p263

Node

lexmarkm5170Match-

AND

lexmarkm5170_firmwareRange≤lw73.dn7.p263

Node

lexmarkms91xMatch-

AND

lexmarkms91x_firmwareRange≤lw73.sa.p263

Node

lexmarkmx31xMatch-

AND

lexmarkmx31x_firmwareRange≤lw73.sb2.p263

Node

lexmarkxm1135Match-

AND

lexmarkxm1135_firmwareRange≤lw73.sb2.p263

Node

lexmarkmx410Match-

AND

lexmarkmx410_firmwareRange≤lw73.sb4.p263

Node

lexmarkmx510_firmwareRange≤lw73.sb4.p263

AND

lexmarkmx510Match-

Node

lexmarkmx511_firmwareRange≤lw73.sb4.p263

AND

lexmarkmx511Match-

Node

lexmarkmx610_firmwareRange≤lw73.sb7.p263

AND

lexmarkmx610Match-

Node

lexmarkmx611_firmwareRange≤lw73.sb7.p263

AND

lexmarkmx611Match-

Node

lexmarkxm3150_firmwareRange≤lw73.sb7.p263

AND

lexmarkxm3150Match-

Node

lexmarkmx71x_firmwareRange≤lw73.tu.p263

AND

lexmarkmx71xMatch-

Node

lexmarkmx81x_firmwareRange≤lw73.tu.p263

AND

lexmarkmx81xMatch-

Node

lexmarkxm51xx_firmwareRange≤lw73.tu.p263

AND

lexmarkxm51xxMatch-

Node

lexmarkxm71xx_firmwareRange≤lw73.tu.p263

AND

lexmarkxm71xxMatch-

Node

lexmarkmx91x_firmwareRange≤lw73.mg.p263

AND

lexmarkmx91xMatch-

Node

lexmarkxm91x_firmwareRange≤lw73.mg.p263

AND

lexmarkxm91xMatch-

Node

lexmarkmx6500e_firmwareRange≤lw73.jd.p263

AND

lexmarkmx6500eMatch-

Node

lexmarkc746_firmwareRange≤lhs60.cm2.p731

AND

lexmarkc746Match-

Node

lexmarkc748_firmwareRange≤lhs60.cm4.p731

AND

lexmarkc748Match-

Node

lexmarkcs748_firmwareRange≤lhs60.cm4.p731

AND

lexmarkcs748Match-

Node

lexmarkc792_firmwareRange≤lhs60.hc.p731

AND

lexmarkc792Match-

Node

lexmarkcs796_firmwareRange≤lhs60.hc.p731

AND

lexmarkcs796Match-

Node

lexmarkc925_firmwareRange≤lhs60.hv.p731

AND

lexmarkc925Match-

Node

lexmarkc950_firmwareRange≤lhs60.tp.p731

AND

lexmarkc950Match-

Node

lexmarkx548_firmwareRange≤lhs60.vk.p731

AND

lexmarkx548Match-

Node

lexmarkxs548_firmwareRange≤lhs60.vk.p731

AND

lexmarkxs548Match-

Node

lexmarkx74x_firmwareRange≤lhs60.ny.p731

AND

lexmarkx74xMatch-

Node

lexmarkxs748_firmwareRange≤lhs60.ny.p731

AND

lexmarkxs748Match-

Node

lexmarkx792_firmwareRange≤lhs60.mr.p731

AND

lexmarkx792Match-

Node

lexmarkxs79x_firmwareRange≤lhs60.mr.p731

AND

lexmarkxs79xMatch-

Node

lexmarkx925_firmwareRange≤lhs60.hk.p731

AND

lexmarkx925Match-

Node

lexmarkxs925_firmwareRange≤lhs60.hk.p731

AND

lexmarkxs925Match-

Node

lexmarkx95x_firmwareRange≤lhs60.tq.p731

AND

lexmarkx95xMatch-

Node

lexmarkxs95x_firmwareRange≤lhs60.tq.p731

AND

lexmarkxs95xMatch-

Node

lexmark6500e_firmwareRange≤lhs60.jr.p731

AND

lexmark6500eMatch-

Node

lexmarkc734_firmwareRange≤lr.sk.p822

AND

lexmarkc734Match-

Node

lexmarkc736_firmwareRange≤lr.ske.p822

AND

lexmarkc736Match-

Node

lexmarke46x_firmwareRange≤lr.lbh.p822

AND

lexmarke46xMatch-

Node

lexmarkt65x_firmwareRange≤lr.jp.p822

AND

lexmarkt65xMatch-

Node

lexmarkx46x_firmwareRange≤lr.bs.p822

AND

lexmarkx46xMatch-

Node

lexmarkx65x_firmwareRange≤lr.mn.p822

AND

lexmarkx65xMatch-

Node

lexmarkx73x_firmwareRange≤lr.fl.p822

AND

lexmarkx73xMatch-

Node

lexmarkw850_firmwareRange≤lp.jb.p821

AND

lexmarkw850Match-

Node

lexmarkx86x_firmwareRange≤lp.sp.p821

AND

lexmarkx86xMatch-

Node

lexmarkcx410_firmwareRange≤lw73.gm4.p263

AND

lexmarkcx410Match-

Node

lexmarkxc2130_firmwareRange≤lw73.gm4.p263

AND

lexmarkxc2130Match-

Node

lexmarkcx510_firmwareRange≤lw73.gm7.p263

AND

lexmarkcx510Match-

Node

lexmarkxc2132_firmwareRange≤lw73.gm7.p263

AND

lexmarkxc2132Match-

Node

lexmarkcx51x_firmwareRange≤lw73.vy4.p263

AND

lexmarkcx51xMatch-

Node

lexmarkms610de_firmwareRange≤lw73.pr4.p263

AND

lexmarkms610deMatch-

Node

lexmarkm3150_firmwareRange≤lw73.pr4.p263

AND

lexmarkm3150Match-

Node

lexmarkxm1140_firmwareRange≤lw73.sb4.p263

AND

lexmarkxm1140Match-

Node

lexmarkxm1145_firmwareRange≤lw73.sb4.p263

AND

lexmarkxm1145Match-

VendorProductVersionCPE
lexmarkcx31x_firmware*cpe:2.3:o:lexmark:cx31x_firmware:*:*:*:*:*:*:*:*
lexmarkcx31x-cpe:2.3:h:lexmark:cx31x:-:*:*:*:*:*:*:*
lexmarkcx41x_firmware*cpe:2.3:o:lexmark:cx41x_firmware:*:*:*:*:*:*:*:*
lexmarkcx41x-cpe:2.3:h:lexmark:cx41x:-:*:*:*:*:*:*:*
lexmarkcx310_firmware*cpe:2.3:o:lexmark:cx310_firmware:*:*:*:*:*:*:*:*
lexmarkcx310-cpe:2.3:h:lexmark:cx310:-:*:*:*:*:*:*:*
lexmarkms310_firmware*cpe:2.3:o:lexmark:ms310_firmware:*:*:*:*:*:*:*:*
lexmarkms310-cpe:2.3:h:lexmark:ms310:-:*:*:*:*:*:*:*
lexmarkms312_firmware*cpe:2.3:o:lexmark:ms312_firmware:*:*:*:*:*:*:*:*
lexmarkms312-cpe:2.3:h:lexmark:ms312:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
lexmark	cx31x_firmware	*	cpe:2.3:o:lexmark:cx31x_firmware::::::::
lexmark	cx31x	-	cpe:2.3:h:lexmark:cx31x:-:::::::*
lexmark	cx41x_firmware	*	cpe:2.3:o:lexmark:cx41x_firmware::::::::
lexmark	cx41x	-	cpe:2.3:h:lexmark:cx41x:-:::::::*
lexmark	cx310_firmware	*	cpe:2.3:o:lexmark:cx310_firmware::::::::
lexmark	cx310	-	cpe:2.3:h:lexmark:cx310:-:::::::*
lexmark	ms310_firmware	*	cpe:2.3:o:lexmark:ms310_firmware::::::::
lexmark	ms310	-	cpe:2.3:h:lexmark:ms310:-:::::::*
lexmark	ms312_firmware	*	cpe:2.3:o:lexmark:ms312_firmware::::::::
lexmark	ms312	-	cpe:2.3:h:lexmark:ms312:-:::::::*

Rows per page:

1-10 of 1601

References

support.lexmark.com/alerts/

support.lexmark.com/index?page=content&id=TE933&modifiedDate=02/04/20&actp=LIST_RECENT&userlocale=EN_US&locale=en

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON

Related for NVD:CVE-2019-18791

cvelist1 cve1 openvas1 prion1