Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2016-3145
HistoryApr 22, 2016 - 12:59 a.m.

CVE-2016-3145

2016-04-2200:59:09
CWE-200
[email protected]
web.nvd.nist.gov
22
lexmark
printer
firmware
vulnerability
cve-2016-3145
security
information security
nvd

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

4.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.5%

JSON

Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory.

Affected configurations

NVD
Node
lexmarkprinter_firmwareRangepppp.021.062
AND
lexmarkcx820deMatch-
OR
lexmarkcx820dtfeMatch-
OR
lexmarkcx825deMatch-
OR
lexmarkcx825dteMatch-
OR
lexmarkcx825dtfeMatch-
OR
lexmarkcx860deMatch-
OR
lexmarkcx860dteMatch-
OR
lexmarkcx860dtfeMatch-
OR
lexmarkxc6152deMatch-
OR
lexmarkxc6152dtfeMatch-
OR
lexmarkxc8155deMatch-
OR
lexmarkxc8155dteMatch-
OR
lexmarkxc8160deMatch-
OR
lexmarkxc8160dteMatch-
Node
lexmarkprinter_firmwareRangecbcb.021.062
AND
lexmarkc4150Match-
OR
lexmarkcs720deMatch-
OR
lexmarkcs720dteMatch-
OR
lexmarkcs725deMatch-
OR
lexmarkcs725dteMatch-
Node
lexmarkprinter_firmwareRangeykyk.021.062
AND
lexmarkc6160Match-
Node
lexmarkprinter_firmwareRangeykyk.021.057
AND
lexmarkcs820deMatch-
OR
lexmarkcs820dteMatch-
OR
lexmarkcs820dtfeMatch-
Node
lexmarkprinter_firmwareRangeatlatl.021.062
AND
lexmarkcx725deMatch-
OR
lexmarkcx725dheMatch-
OR
lexmarkcx725dtheMatch-
OR
lexmarkxc4150Match-

Related

nvd 1
prion 1
cvelist 1
nvd
nvd
CVE-2016-3145
2016-04-22 00:59:09
prion
prion
Hardcoded credentials
2016-04-22 00:59:00
cvelist
cvelist
CVE-2016-3145
2016-04-22 00:00:00

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

4.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.5%

JSON
Related for CVE-2016-3145
nvd1prion1cvelist1