Lucene search

[email protected]CVE-2019-19772

HistoryMar 06, 2020 - 10:15 p.m.

CVE-2019-19772

2020-03-0622:15:11

CWE-79

[email protected]

web.nvd.nist.gov

120

lexmark

xss

embedded web server

information security

cve-2019-19772

nvd

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

5.3 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

22.5%

JSON

Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=EN_US.

Affected configurations

NVD

Node

lexmarkcs31xMatch-

AND

lexmarkcs31x_firmwareRange≤lw74.vyl.p267

Node

lexmarkcs41xMatch-

AND

lexmarkcs41x_firmwareRange≤lw74.vy2.p267

Node

lexmarkcs51xMatch-

AND

lexmarkcs51x_firmwareRange≤lw74.vy4.p267

Node

lexmarkcx310Match-

AND

lexmarkcx310_firmwareRange≤lw74.gm2.p267

Node

lexmarkcx410Match-

AND

lexmarkcx410_firmwareRange≤lw74.gm4.p267

Node

lexmarkxc2130Match-

AND

lexmarkxc2130_firmwareRange≤lw74.gm4.p267

Node

lexmarkcx510Match-

AND

lexmarkcx510_firmwareRange≤lw74.gm7.p267

Node

lexmarkxc2132Match-

AND

lexmarkxc2132_firmwareRange≤lw74.gm7.p267

Node

lexmarkms310_firmwareRange≤lw74.prl.p267

AND

lexmarkms310Match-

Node

lexmarkms312_firmwareRange≤lw74.prl.p267

AND

lexmarkms312Match-

Node

lexmarkms317_firmwareRange≤lw74.prl.p267

AND

lexmarkms317Match-

Node

lexmarkms410_firmwareRange≤lw74.prl.p267

AND

lexmarkms410Match-

Node

lexmarkm1140_firmwareRange≤lw74.prl.p267

AND

lexmarkm1140Match-

Node

lexmarkms315_firmwareRange≤lw74.tl2.p267

AND

lexmarkms315Match-

Node

lexmarkms415_firmwareRange≤lw74.tl2.p267

AND

lexmarkms415Match-

Node

lexmarkms417_firmwareRange≤lw74.tl2.p267

AND

lexmarkms417Match-

Node

lexmarkms51x_firmwareRange≤lw74.pr2.p267

AND

lexmarkms51xMatch-

Node

lexmarkms610dn_firmwareRange≤lw74.pr2.p267

AND

lexmarkms610dnMatch-

Node

lexmarkms617_firmwareRange≤lw74.pr2.p267

AND

lexmarkms617Match-

Node

lexmarkm1145_firmwareRange≤lw74.pr2.p267

AND

lexmarkm1145Match-

Node

lexmarkm3150dn_firmwareRange≤lw74.pr2.p267

AND

lexmarkm3150dnMatch-

Node

lexmarkms610de_firmwareRange≤lw74.pr4.p267

AND

lexmarkms610deMatch-

Node

lexmarkm3150_firmwareRange≤lw74.pr4.p267

AND

lexmarkm3150Match-

Node

lexmarkms71x_firmwareRange≤lw74.dn2.p267

AND

lexmarkms71xMatch-

Node

lexmarkm5163dn_firmwareRange≤lw74.dn2.p267

AND

lexmarkm5163dnMatch-

Node

lexmarkms810_firmwareRange≤lw74.dn2.p267

AND

lexmarkms810Match-

Node

lexmarkms811_firmwareRange≤lw74.dn2.p267

AND

lexmarkms811Match-

Node

lexmarkms812_firmwareRange≤lw74.dn2.p267

AND

lexmarkms812Match-

Node

lexmarkms817_firmwareRange≤lw74.dn2.p267

AND

lexmarkms817Match-

Node

lexmarkms818Match-

AND

lexmarkms818_firmwareRange≤lw74.dn2.p267

Node

lexmarkms810deMatch-

AND

lexmarkms810de_firmwareRange≤lw74.dn4.p267

Node

lexmarkm5155Match-

AND

lexmarkm5155_firmwareRange≤lw74.dn4.p267

Node

lexmarkm5163Match-

AND

lexmarkm5163_firmwareRange≤lw74.dn4.p267

Node

lexmarkms812deMatch-

AND

lexmarkms812de_firmwareRange≤lw74.dn7.p267

Node

lexmarkm5170Match-

AND

lexmarkm5170_firmwareRange≤lw74.dn7.p267

Node

lexmarkms91xMatch-

AND

lexmarkms91x_firmwareRange≤lw74.sa.p267

Node

lexmarkmx31xMatch-

AND

lexmarkmx31x_firmwareRange≤lw74.sb2.p267

Node

lexmarkxm1135_firmwareRange≤lw74.sb2.p267

AND

lexmarkxm1135Match-

Node

lexmarkmx410_firmwareRange≤lw74.sb4.p267

AND

lexmarkmx410Match-

Node

lexmarkmx510_firmwareRange≤lw74.sb4.p267

AND

lexmarkmx510Match-

Node

lexmarkmx511_firmwareRange≤lw74.sb4.p267

AND

lexmarkmx511Match-

Node

lexmarkxm1140_firmwareRange≤lw74.sb4.p267

AND

lexmarkxm1140Match-

Node

lexmarkxm1145_firmwareRange≤lw74.sb4.p267

AND

lexmarkxm1145Match-

Node

lexmarkmx610_firmwareRange≤lw74.sb7.p267

AND

lexmarkmx610Match-

Node

lexmarkmx611_firmwareRange≤lw74.sb7.p267

AND

lexmarkmx611Match-

Node

lexmarkxm3150_firmwareRange≤lw74.sb7.p267

AND

lexmarkxm3150Match-

Node

lexmarkmx71x_firmwareRange≤lw74.tu.p267

AND

lexmarkmx71xMatch-

Node

lexmarkmx81x_firmwareRange≤lw74.tu.p267

AND

lexmarkmx81xMatch-

Node

lexmarkxm51xx_firmwareRange≤lw74.tu.p267

AND

lexmarkxm51xxMatch-

Node

lexmarkxm71xx_firmwareRange≤lw74.tu.p267

AND

lexmarkxm71xxMatch-

Node

lexmarkmx91x_firmwareRange≤lw74.mg.p267

AND

lexmarkmx91xMatch-

Node

lexmarkxm91x_firmwareRange≤lw74.mg.p267

AND

lexmarkxm91xMatch-

Node

lexmarkmx6500e_firmwareRange≤lw74.jd.p267

AND

lexmarkmx6500eMatch-

Node

lexmarkc746_firmwareRange≤lhs60.cm2.p731

AND

lexmarkc746Match-

Node

lexmarkc748_firmwareRange≤lhs60.cm4.p735

AND

lexmarkc748Match-

Node

lexmarkcs748_firmwareRange≤lhs60.cm4.p735

AND

lexmarkcs748Match-

Node

lexmarkc792_firmwareRange≤lhs60.hc.p735

AND

lexmarkc792Match-

Node

lexmarkcs796_firmwareRange≤lhs60.hc.p735

AND

lexmarkcs796Match-

Node

lexmarkc925_firmwareRange≤lhs60.hv.p735

AND

lexmarkc925Match-

Node

lexmarkc950_firmwareRange≤lhs60.tp.p735

AND

lexmarkc950Match-

Node

lexmarkx548_firmwareRange≤lhs60.vk.p735

AND

lexmarkx548Match-

Node

lexmarkxs548_firmwareRange≤lhs60.vk.p735

AND

lexmarkxs548Match-

Node

lexmarkx74x_firmwareRange≤lhs60.ny.p735

AND

lexmarkx74xMatch-

Node

lexmarkxs748_firmwareRange≤lhs60.ny.p735

AND

lexmarkxs748Match-

Node

lexmarkx792_firmwareRange≤lhs60.mr.p735

AND

lexmarkx792Match-

Node

lexmarkxs79x_firmwareRange≤lhs60.mr.p735

AND

lexmarkxs79xMatch-

Node

lexmarkx925_firmwareRange≤lhs60.hk.p735

AND

lexmarkx925Match-

Node

lexmarkxs925_firmwareRange≤lhs60.hk.p735

AND

lexmarkxs925Match-

Node

lexmarkx95x_firmwareRange≤lhs60.tq.p735

AND

lexmarkx95xMatch-

Node

lexmarkxs95x_firmwareRange≤lhs60.tq.p735

AND

lexmarkxs95xMatch-

Node

lexmark6500e_firmwareRange≤lhs60.jr.p735

AND

lexmark6500eMatch-

Node

lexmarkc734_firmwareRange≤lr.sk.p822

AND

lexmarkc734Match-

Node

lexmarkc736_firmwareRange≤lr.ske.p822

AND

lexmarkc736Match-

Node

lexmarke46x_firmwareRange≤lr.lbh.p822

AND

lexmarke46xMatch-

Node

lexmarkt65x_firmwareRange≤lr.jp.p822

AND

lexmarkt65xMatch-

Node

lexmarkx46x_firmwareRange≤lr.bs.p822

AND

lexmarkx46xMatch-

Node

lexmarkx65x_firmwareRange≤lr.mn.p822

AND

lexmarkx65xMatch-

Node

lexmarkx73x_firmwareRange≤lr.fl.p822

AND

lexmarkx73xMatch-

Node

lexmarkw850_firmwareRange≤lp.jb.p821

AND

lexmarkw850Match-

Node

lexmarkx86x_firmwareRange≤lp.sp.p821

AND

lexmarkx86xMatch-

CPENameOperatorVersion
lexmark:cs31x_firmwarelexmark cs31x firmwarelelw74.vyl.p267

CPE	Name	Operator	Version
lexmark:cs31x_firmware	lexmark cs31x firmware	le	lw74.vyl.p267

References

support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=EN_US

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

5.3 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

22.5%

JSON

Related for CVE-2019-19772

cvelist1 prion1 nvd1