CVE-2024-3037

Опубликовано: 14 мая 2024

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege code directly on the server.

Important: In most installations, this risk is mitigated by the default Windows Server configuration, which typically restricts local login access to Administrators only. However, this vulnerability could pose a risk to customers who allow non-administrative users to log in to the local console of the Windows environment hosting the PaperCut NG/MF application server.

Note: This CVE has been split into two separate CVEs (CVE-2024-3037 and CVE-2024-8404) and it’s been rescored with a "Privileges Required (PR)" rating of low, and “Attack Complexity (AC)” rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to

Ссылки

https://www.papercut.com/kb/Main/Security-Bulletin-May-2024/
Vendor Advisory
https://www.papercut.com/kb/Main/security-bulletin-may-2024/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*

Версия до 23.0.9 (исключая)

cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*

Версия до 23.0.9 (исключая)

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 31%

0.00117

Низкий

7.8 High

CVSS3

Дефекты

CWE-59

CWE-552

Связанные уязвимости

GHSA-f4jg-5wj8-pr9p

CVSS3: 6

github

больше 1 года назад

An arbitrary file deletion vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This vulnerability requires local login/console access to the PaperCut NG/MF server (eg: member of a domain admin group).