CVE-2024-1223 Improper authorization controls in PaperCut NG/MF

🗓️ 14 Mar 2024 03:04:43Reported by PaperCutType

Improper authorization control in PaperCut NG/MF allows unauthorized enumeration of information from embedded device API

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2024-1223	14 Mar 202404:21	–	circl
CNNVD	PaperCut NG Security Vulnerability	14 Mar 202400:00	–	cnnvd
CVE	CVE-2024-1223	14 Mar 202403:04	–	cve
EUVD	EUVD-2024-16990	3 Oct 202520:07	–	euvd
NVD	CVE-2024-1223	14 Mar 202403:15	–	nvd
OSV	CVE-2024-1223	14 Mar 202403:15	–	osv
Tenable Nessus	PaperCut MF < 20.1.10 / 21.x < 21.2.14 / 22.x < 22.1.5 / 23.x < 23.0.7 Multiple Vulnerabilities	15 Apr 202400:00	–	nessus
Tenable Nessus	PaperCut NG < 20.1.10 / 21.x < 21.2.14 / 22.x < 22.1.5 / 23.x < 23.0.7 Multiple Vulnerabilities	15 Apr 202400:00	–	nessus
Prion	CVE-2024-1223	14 Mar 202422:46	–	prion
Positive Technologies	PT-2024-17496 · Papercut · Papercut Ng	14 Mar 202400:00	–	ptsecurity

[
  {
    "defaultStatus": "affected",
    "platforms": [
      "MacOS",
      "Linux",
      "Windows"
    ],
    "product": "PaperCut NG, PaperCut MF",
    "vendor": "PaperCut",
    "versions": [
      {
        "changes": [
          {
            "at": "23.0.7",
            "status": "unaffected"
          }
        ],
        "lessThan": "23.0.7",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "22.1.5",
            "status": "unaffected"
          }
        ],
        "lessThan": "22.1.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "21.2.14",
            "status": "unaffected"
          }
        ],
        "lessThan": "21.2.14",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "20.1.10",
            "status": "unaffected"
          }
        ],
        "lessThan": "20.1.10",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
papercut	www.papercut.com/kb/Main/Security-Bulletin-March-2024

26 Sep 2024 03:50Current

5.2Medium risk

Vulners AI Score5.2

CVSS 3.14.8

EPSS0.00445

CWE-488