Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvdEcc0f906-8666-484c-bcf8-c3b7520a72f0NVD:CVE-2024-3498
HistoryJun 14, 2024 - 5:15 a.m.

CVE-2024-3498

2024-06-1405:15:49
CWE-250
ecc0f906-8666-484c-bcf8-c3b7520a72f0
web.nvd.nist.gov
1
cve-2024-3498
attackers
printer
web configuration
privilege escalation

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

16.0%

JSON

Attackers can then execute malicious files by enabling certain services of the printer via the web configuration page and elevate its privileges to root. As for the affected products/models/versions, see the reference URL.

Related

zdi 1
vulnrichment 1
cve 1
cvelist 1
zdi
zdi
Toshiba e-STUDIO2518A vsftpd Incorrect Permission Assignment Privilege Escalation Vulnerability
2024-06-18 00:00:00
vulnrichment
vulnrichment
CVE-2024-3498 Incorrect Permission Assignment Privilege Escalation Vulnerability
2024-06-14 04:20:01
cve
cve
CVE-2024-3498
2024-06-14 05:15:49
cvelist
cvelist
CVE-2024-3498 Incorrect Permission Assignment Privilege Escalation Vulnerability
2024-06-14 04:20:01

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

16.0%

JSON
Related for NVD:CVE-2024-3498
zdi1vulnrichment1cve1cvelist1