CVE-2024-1884 Server Side Request Forgery in PaperCut NG/MF

🗓️ 14 Mar 2024 03:11:48Reported by PaperCutType

Server-Side Request Forgery (SSRF) vulnerability in PaperCut NG/M

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2024-1884	14 Mar 202405:21	–	circl
CNNVD	PaperCut NG Security Vulnerability	14 Mar 202400:00	–	cnnvd
CVE	CVE-2024-1884	14 Mar 202403:11	–	cve
NVD	CVE-2024-1884	14 Mar 202404:15	–	nvd
OSV	CVE-2024-1884	14 Mar 202404:15	–	osv
Tenable Nessus	PaperCut MF < 20.1.10 / 21.x < 21.2.14 / 22.x < 22.1.5 / 23.x < 23.0.7 Multiple Vulnerabilities	15 Apr 202400:00	–	nessus
Tenable Nessus	PaperCut NG < 20.1.10 / 21.x < 21.2.14 / 22.x < 22.1.5 / 23.x < 23.0.7 Multiple Vulnerabilities	15 Apr 202400:00	–	nessus
Prion	Server side request forgery (ssrf)	14 Mar 202404:15	–	prion
Positive Technologies	PT-2024-18391 · Papercut · Papercut Ng/Mf	14 Mar 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-1884	23 May 202509:57	–	redhatcve

[
  {
    "defaultStatus": "affected",
    "platforms": [
      "MacOS",
      "Linux",
      "Windows"
    ],
    "product": "PaperCut NG, PaperCut MF",
    "vendor": "PaperCut",
    "versions": [
      {
        "changes": [
          {
            "at": "23.0.7",
            "status": "unaffected"
          }
        ],
        "lessThan": "23.0.7",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "22.1.5",
            "status": "unaffected"
          }
        ],
        "lessThan": "22.1.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "21.2.14",
            "status": "unaffected"
          }
        ],
        "lessThan": "21.2.14",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "20.1.10",
            "status": "unaffected"
          }
        ],
        "lessThan": "20.1.10",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
papercut	www.papercut.com/kb/Main/Security-Bulletin-March-2024

14 Mar 2024 03:11Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.16.5

EPSS0.09237

CWE-918