Lucene search
HistorySep 13, 2023 - 9:15 p.m.
CVE-2023-4568
papercut ng
unauthenticated command
xmlrpc
vulnerability
version 22.0.12
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
0.013
Percentile
86.3%
PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch.
Affected configurations
Node
papercutpapercut_ngRange≤22.0.12
| Vendor | Product | Version | CPE |
|---|---|---|---|
| papercut | papercut_ng | * | cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:* |
Related
nuclei
nuclei
PaperCut NG Unauthenticated XMLRPC Functionality
2023-09-18 17:36:47
prion
prion
Design/Logic Flaw
2023-09-13 21:15:00
cvelist
cvelist
CVE-2023-4568 PaperCut NG Unauthenticated XMLRPC
2023-09-13 20:28:52
githubexploit
githubexploit
Exploit for Improper Authentication in Papercut Papercut Ng
2024-05-20 17:41:47
cve
cve
CVE-2023-4568
2023-09-13 21:15:07
vulnrichment
vulnrichment
CVE-2023-4568 PaperCut NG Unauthenticated XMLRPC
2023-09-13 20:28:52
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
0.013
Percentile
86.3%
Related for NVD:CVE-2023-4568