CVE-2024-1222

🗓️ 14 Mar 2024 03:03:18Reported by PaperCutType

Vulnerability allowing unauthorized API access

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2024-1222	14 Mar 202404:21	–	circl
CNNVD	PaperCut NG Security Vulnerability	14 Mar 202400:00	–	cnnvd
Cvelist	CVE-2024-1222 Incorrect authorization controls in PaperCut NG/MF APIs	14 Mar 202403:03	–	cvelist
NVD	CVE-2024-1222	14 Mar 202403:15	–	nvd
OSV	CVE-2024-1222	14 Mar 202403:15	–	osv
Tenable Nessus	PaperCut MF < 20.1.10 / 21.x < 21.2.14 / 22.x < 22.1.5 / 23.x < 23.0.7 Multiple Vulnerabilities	15 Apr 202400:00	–	nessus
Tenable Nessus	PaperCut NG < 20.1.10 / 21.x < 21.2.14 / 22.x < 22.1.5 / 23.x < 23.0.7 Multiple Vulnerabilities	15 Apr 202400:00	–	nessus
Prion	CVE-2024-1222	14 Mar 202422:46	–	prion
Positive Technologies	PT-2024-17490	14 Mar 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-1222	5 Feb 202505:39	–	redhatcve

NVD

Node

papercut papercut_mfRange<20.1.10

papercut papercut_mfRange21.0.0–21.2.14

papercut papercut_mfRange22.0.0–22.1.5

papercut papercut_mfRange23.0.1–23.0.7

papercut papercut_ngRange<20.1.10

papercut papercut_ngRange21.0.0–21.2.14

papercut papercut_ngRange22.0.0–22.1.5

papercut papercut_ngRange23.0.1–23.0.7

AND

apple macosMatch-

linux linux_kernelMatch-

microsoft windowsMatch-

[
  {
    "defaultStatus": "affected",
    "platforms": [
      "MacOS",
      "Linux",
      "Windows"
    ],
    "product": "PaperCut NG, PaperCut MF",
    "vendor": "PaperCut",
    "versions": [
      {
        "changes": [
          {
            "at": "23.0.7",
            "status": "unaffected"
          }
        ],
        "lessThan": "23.0.7",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "22.1.5",
            "status": "unaffected"
          }
        ],
        "lessThan": "22.1.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "21.2.14",
            "status": "unaffected"
          }
        ],
        "lessThan": "21.2.14",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "20.1.10",
            "status": "unaffected"
          }
        ],
        "lessThan": "20.1.10",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
papercut	www.papercut.com/kb/Main/Security-Bulletin-March-2024

23 Jan 2025 20:15Current

8.5High risk

Vulners AI Score8.5

CVSS 3.18.6 - 9.8

EPSS0.02228

SSVC

CWE-250