exploitDog

CVE-2021-44736

Опубликовано: 20 янв. 2022

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Низкий

Описание

The initial admin account setup wizard on Lexmark devices allow unauthenticated access to the “out of service erase” feature.

Ссылки

https://support.lexmark.com/alerts/
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-22-331/
Third Party Advisory
VDB Entry
https://support.lexmark.com/alerts/
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-22-331/
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:lexmark:mc3224i_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:lexmark:mc3224i:-:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.00594

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-gf53-pwvp-9h97

CVSS3: 9.8

github

почти 4 года назад

The initial admin account setup wizard on Lexmark devices allow unauthenticated access to the “out of service erase” feature.

EPSS

Процентиль: 69%

0.00594

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-287