exploitDog

CVE-2023-34261

Опубликовано: 03 нояб. 2023

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow identification of valid user accounts via username enumeration because they lead to a "nicht einloggen" error rather than a falsch error.

Ссылки

https://sec-consult.com/vulnerability-lab/
Third Party Advisory
https://seclists.org/fulldisclosure/2023/Jul/15
Exploit
Mailing List
Third Party Advisory
https://sec-consult.com/vulnerability-lab/
Third Party Advisory
https://seclists.org/fulldisclosure/2023/Jul/15
Exploit
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:kyocera:d-copia253mf_plus_firmware:*:*:*:*:*:*:*:*

Версия до 2vg_s000.002.561 (включая)

cpe:2.3:h:kyocera:d-copia253mf_plus:-:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00368

Низкий

5.3 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-200

Связанные уязвимости

GHSA-m7v7-jj45-j87q

CVSS3: 5.3

github

больше 2 лет назад

Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow identification of valid user accounts via username enumeration because they lead to a "nicht einloggen" error rather than a falsch error.

EPSS

Процентиль: 58%

0.00368

Низкий

5.3 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-200