CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
A security flaw was found in OpenPrinting CUPS. A remote attacker may be able to exploit cups-filters via the FoomaticRIPCommandLine
entry in the PPD file, which would trigger the CUPS system to execute any arbitrary commands injected into that file when a print job is sent to the affected device.
See the security bulletin for a detailed mitigation procedure.