T
his vulnerability potentially allows unauthorized enumeration of information from the embedded device APIs. An attacker must already have existing knowledge of some combination of valid usernames, device names and an internal system key. For such an attack to be successful the system must be in a specific runtime state.
References
| Link | Resource |
|---|---|
| https://www.papercut.com/kb/Main/Security-Bulletin-March-2024 | Vendor Advisory |
| https://www.papercut.com/kb/Main/Security-Bulletin-March-2024 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
23 Jan 2025, 20:29
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Papercut papercut Ng
Papercut papercut Mf Microsoft windows Linux linux Kernel Apple macos Linux Papercut Microsoft Apple |
|
| CPE | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:* cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:* |
|
| References | () https://www.papercut.com/kb/Main/Security-Bulletin-March-2024 - Vendor Advisory | |
| CWE | NVD-CWE-Other |
21 Nov 2024, 08:50
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.papercut.com/kb/Main/Security-Bulletin-March-2024 - |
26 Sep 2024, 04:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-488 |
Information
Published : 2024-03-14 03:15
Updated : 2025-01-23 20:29
NVD link : CVE-2024-1223
Mitre link : CVE-2024-1223
CVE.ORG link : CVE-2024-1223
JSON object : View
Products Affected
CWE