Lucene search

K
cve[email protected]CVE-2013-6033
HistoryFeb 04, 2014 - 5:39 a.m.

CVE-2013-6033

2014-02-0405:39:08
CWE-79
web.nvd.nist.gov
21
cve-2013-6033
cross-site scripting
xss
lexmark
printers
snmp
ews

5.5 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

48.7%

Multiple cross-site scripting (XSS) vulnerabilities on Lexmark W840 through LS.HA.P252, T64x before LS.ST.P344, C935dn through LC.JO.P091, C920 through LS.TA.P152, C53x through LS.SW.P069, C52x through LS.FA.P150, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allow remote authenticated users to inject arbitrary web script or HTML by using (1) SNMP or (2) the Embedded Web Server (EWS) to set the (a) Contact or (b) Location field.

Affected configurations

NVD
Node
lexmarkc52xRangels.fa.p150
OR
lexmarkc53xRangels.sw.p069
OR
lexmarkc920Rangels.ta.p152
OR
lexmarkc935dnRangelc.jo.p091
OR
lexmarke250Rangele.pm.p126
OR
lexmarke350Rangele.ph.p129
OR
lexmarke450Rangelm.sz.p124
OR
lexmarkt64xRangels.st.p343
OR
lexmarkw840Rangels.ha.p252

5.5 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

48.7%

Related for CVE-2013-6033