CVE-2013-4614 (GCVE-0-2013-4614)

Vulnerability from cvelistv5 – Published: 2013-06-21 21:00 – Updated: 2024-09-17 01:37

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/rapid7/metasploit-framework/bl…	x_refsource_MISC
	http://www.mattandreko.com/2013/06/canon-y-u-no-s…	x_refsource_MISC
	http://archives.neohapsis.com/archives/fulldisclo…	mailing-listx_refsource_FULLDISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:52:27.149Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html"
          },
          {
            "name": "20130618 Canon Wireless Printer Disclosure \u0026 DoS",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-06-21T21:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html"
        },
        {
          "name": "20130618 Canon Wireless Printer Disclosure \u0026 DoS",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-4614",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb",
              "refsource": "MISC",
              "url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb"
            },
            {
              "name": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html",
              "refsource": "MISC",
              "url": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html"
            },
            {
              "name": "20130618 Canon Wireless Printer Disclosure \u0026 DoS",
              "refsource": "FULLDISC",
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-4614",
    "datePublished": "2013-06-21T21:00:00Z",
    "dateReserved": "2013-06-17T00:00:00Z",
    "dateUpdated": "2024-09-17T01:37:09.704Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:canon:mg3100_printer:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA808CB1-E232-45A7-8913-03DDD4D967AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:canon:mg5300_printer:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A7BF24E-0FE5-41E6-B4AF-5CEC5ED0AB3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:canon:mg6100_printer:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C007C65-9187-4593-B236-025831220B8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:canon:mp340_printer:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F038B929-787C-4350-B1A4-F2E0F12969FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:canon:mp495_printer:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A7687B9-537C-47CB-AA7B-DE57725B6E89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:canon:mx870_printer:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"555BD45B-2B53-42BE-B76B-03205EADD821\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:canon:mx890_printer:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD762566-16C3-4391-B3C4-A0247AA082AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:canon:mx920_printer:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C74EB1F2-29DA-4835-B2D0-AB96CB1B4FB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:canon:mx922_printer:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08F6F82C-6EF6-40E6-A6C5-D2B4952B02FC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation.\"}, {\"lang\": \"es\", \"value\": \"English/pages_MacUS/wls_set_content.html en impresoras Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, y MX922 muestra la contrase\\u00f1a de paso (passphrase) en texto plano, lo que permite a atacantes f\\u00edsicamente pr\\u00f3ximos  obtener informaci\\u00f3n sensible mediante la lectura de la pantalla de una estaci\\u00f3n de trabajo.\"}]",
      "id": "CVE-2013-4614",
      "lastModified": "2024-11-21T01:55:56.013",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-06-21T21:55:01.033",
      "references": "[{\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.mattandreko.com/2013/06/canon-y-u-no-security.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mattandreko.com/2013/06/canon-y-u-no-security.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-255\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-4614\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2013-06-21T21:55:01.033\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation.\"},{\"lang\":\"es\",\"value\":\"English/pages_MacUS/wls_set_content.html en impresoras Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, y MX922 muestra la contrase\u00f1a de paso (passphrase) en texto plano, lo que permite a atacantes f\u00edsicamente pr\u00f3ximos  obtener informaci\u00f3n sensible mediante la lectura de la pantalla de una estaci\u00f3n de trabajo.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-255\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:canon:mg3100_printer:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA808CB1-E232-45A7-8913-03DDD4D967AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:canon:mg5300_printer:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A7BF24E-0FE5-41E6-B4AF-5CEC5ED0AB3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:canon:mg6100_printer:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C007C65-9187-4593-B236-025831220B8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:canon:mp340_printer:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F038B929-787C-4350-B1A4-F2E0F12969FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:canon:mp495_printer:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A7687B9-537C-47CB-AA7B-DE57725B6E89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:canon:mx870_printer:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"555BD45B-2B53-42BE-B76B-03205EADD821\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:canon:mx890_printer:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD762566-16C3-4391-B3C4-A0247AA082AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:canon:mx920_printer:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C74EB1F2-29DA-4835-B2D0-AB96CB1B4FB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:canon:mx922_printer:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08F6F82C-6EF6-40E6-A6C5-D2B4952B02FC\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mattandreko.com/2013/06/canon-y-u-no-security.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mattandreko.com/2013/06/canon-y-u-no-security.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

VAR-201306-0343

Vulnerability from variot - Updated: 2023-12-18 12:45

English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation. Canon Printer is a printer developed by Canon. Multiple Canon Printers are prone to an information-disclosure vulnerability. A vulnerability exists in English/pages_MacUS/wls_set_content.html in Canon printers due to the program displaying Wi-Fi PSK passwords in clear text. Vulnerabilities exist in the following models: MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, MX922. The below 3 issues have been tested and verified working on the following Canon Printer models (May affect more, but this is all I was able to test against): MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920

1 (CVE-2013-4613): Canon printers do not require a password for the

administrative interfaces by default. Unauthorized users on the network may configure the printer. If the printer is exposed to the public internet, anonymous users may make configuration changes as well. This should be corrected by requiring a password, even if only a default, but should recommend users to change it upon initial setup of the device.

2 (CVE-2013-4614): The administrative interface on these printers allow a

user to enter a WEP/WPA/WPA2 pre-shared key. Once a key is entered, when a user browses the configuration page again, they can view the current password in clear-text. Once a password is configured, it should not allow the user to read it again. If the user wants to change the password, they should be required to enter a new one, which then overwrites the old one.

3 (CVE-2013-4615): There is a denial of service condition in the

administrative interface on the devices. Using specially crafted HTTP requests, it is possible to cause the device to no longer respond. This requires the device to be turned off, and then back on again, to which the printer will display a message about not being properly turned off, on the display (if model has a display).

I have disclosed all 3 of these issues to Canon, and unfortunately they do not feel it is necessary to fix them (In all fairness, they're not super high severity). More details, along with PoC and Metasploit modules are available here: * http://www.mattandreko.com/2013/06/canon-y-u-no-security.html*

Timeline: May 27, 2013: Initial Email to vendor's support May 28, 2013: Vendor support emailed for additional details May 28, 2013: Sent a proof-of-concept exploit for the DoS vulnerability to vendor May 30, 2013: Vendor escalated issue internally June 4, 2013: Vendor notification that issue has been escalated to manufacturer June 14, 2013: Vendor notification that they will not fix issues June 18, 2013: Public Disclosure

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201306-0343",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mx922 printer",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "mp340 printer",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "mg6100 printer",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "mg3100 printer",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "mx870 printer",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "mp495 printer",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "mg5300 printer",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "mx890 printer",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "mx920 printer",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "pixma mp495",
        "scope": null,
        "trust": 0.8,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "pixma mx340",
        "scope": null,
        "trust": 0.8,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "pixma mx920",
        "scope": null,
        "trust": 0.8,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "pixma mx922",
        "scope": null,
        "trust": 0.8,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "pixus mg3130",
        "scope": null,
        "trust": 0.8,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "pixus mg5330",
        "scope": null,
        "trust": 0.8,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "pixus mg6130",
        "scope": null,
        "trust": 0.8,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "pixus mx870",
        "scope": null,
        "trust": 0.8,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "pixus mx893",
        "scope": null,
        "trust": 0.8,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "printer mg3100",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "printer mg5300",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "printer mg6100",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "printer mp495",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "printer mx340",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "printer mx870",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "printer mx890",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      },
      {
        "model": "printer mx920",
        "scope": null,
        "trust": 0.6,
        "vendor": "canon",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-07717"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003112"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4614"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-389"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:canon:mp340_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mx922_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mx870_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mx890_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mg5300_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mp495_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mx920_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mg3100_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mg6100_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-4614"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Matt Andreko",
    "sources": [
      {
        "db": "BID",
        "id": "60601"
      },
      {
        "db": "PACKETSTORM",
        "id": "122073"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-389"
      }
    ],
    "trust": 1.0
  },
  "cve": "CVE-2013-4614",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 2.1,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2013-4614",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2013-07717",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-64616",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2013-4614",
            "trust": 1.8,
            "value": "LOW"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-07717",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201306-389",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-64616",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-07717"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64616"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003112"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4614"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-389"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation. Canon Printer is a printer developed by Canon. Multiple Canon Printers are prone to an information-disclosure vulnerability. A vulnerability exists in English/pages_MacUS/wls_set_content.html in Canon printers due to the program displaying Wi-Fi PSK passwords in clear text. Vulnerabilities exist in the following models: MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, MX922. The below 3 issues have been tested and verified working on the following\nCanon Printer models (May affect more, but this is all I was able to test\nagainst):\nMG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920\n\n#1 (CVE-2013-4613): Canon printers do not require a password for the\nadministrative interfaces by default. Unauthorized users on the network may\nconfigure the printer. If the printer is exposed to the public internet,\nanonymous users may make configuration changes as well. This should be\ncorrected by requiring a password, even if only a default, but should\nrecommend users to change it upon initial setup of the device. \n\n#2 (CVE-2013-4614): The administrative interface on these printers allow a\nuser to enter a WEP/WPA/WPA2 pre-shared key. Once a key is entered, when a\nuser browses the configuration page again, they can view the current\npassword in clear-text. Once a password is configured, it should not allow\nthe user to read it again. If the user wants to change the password, they\nshould be required to enter a new one, which then overwrites the old one. \n\n#3 (CVE-2013-4615): There is a denial of service condition in the\nadministrative interface on the devices. Using specially crafted HTTP\nrequests, it is possible to cause the device to no longer respond. This\nrequires the device to be turned off, and then back on again, to which the\nprinter will display a message about not being properly turned off, on the\ndisplay (if model has a display). \n\nI have disclosed all 3 of these issues to Canon, and unfortunately they do\nnot feel it is necessary to fix them (In all fairness, they\u0027re not super\nhigh severity). More details, along with PoC and Metasploit modules are\navailable here: *\nhttp://www.mattandreko.com/2013/06/canon-y-u-no-security.html*\n\nTimeline:\nMay 27, 2013: Initial Email to vendor\u0027s support\nMay 28, 2013: Vendor support emailed for additional details\nMay 28, 2013: Sent a proof-of-concept exploit for the DoS vulnerability to\nvendor\nMay 30, 2013: Vendor escalated issue internally\nJune 4, 2013: Vendor notification that issue has been escalated to\nmanufacturer\nJune 14, 2013: Vendor notification that they will not fix issues\nJune 18, 2013: Public Disclosure\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-4614"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003112"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07717"
      },
      {
        "db": "BID",
        "id": "60601"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64616"
      },
      {
        "db": "PACKETSTORM",
        "id": "122073"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-4614",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "60601",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003112",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-389",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07717",
        "trust": 0.6
      },
      {
        "db": "FULLDISC",
        "id": "20130618 CANON WIRELESS PRINTER DISCLOSURE \u0026 DOS",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-64616",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "122073",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-07717"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64616"
      },
      {
        "db": "BID",
        "id": "60601"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003112"
      },
      {
        "db": "PACKETSTORM",
        "id": "122073"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4614"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-389"
      }
    ]
  },
  "id": "VAR-201306-0343",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-07717"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64616"
      }
    ],
    "trust": 1.4083333624999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-07717"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:45:32.505000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "PIXUS \u5546\u54c1\u4e00\u89a7",
        "trust": 0.8,
        "url": "http://cweb.canon.jp/pixus/lineup/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003112"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-255",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-64616"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003112"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4614"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html"
      },
      {
        "trust": 2.5,
        "url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4614"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4614"
      },
      {
        "trust": 0.6,
        "url": "http://seclists.org/fulldisclosure/2013/jun/145"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/60601"
      },
      {
        "trust": 0.3,
        "url": "http://www.canon.com/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-4614"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-4615"
      },
      {
        "trust": 0.1,
        "url": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html*"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-4613"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-07717"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64616"
      },
      {
        "db": "BID",
        "id": "60601"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003112"
      },
      {
        "db": "PACKETSTORM",
        "id": "122073"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4614"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-389"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-07717"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64616"
      },
      {
        "db": "BID",
        "id": "60601"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003112"
      },
      {
        "db": "PACKETSTORM",
        "id": "122073"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4614"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-389"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-06-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-07717"
      },
      {
        "date": "2013-06-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-64616"
      },
      {
        "date": "2013-06-18T00:00:00",
        "db": "BID",
        "id": "60601"
      },
      {
        "date": "2013-06-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003112"
      },
      {
        "date": "2013-06-18T14:23:23",
        "db": "PACKETSTORM",
        "id": "122073"
      },
      {
        "date": "2013-06-21T21:55:01.033000",
        "db": "NVD",
        "id": "CVE-2013-4614"
      },
      {
        "date": "2013-06-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201306-389"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-08-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-07717"
      },
      {
        "date": "2013-06-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-64616"
      },
      {
        "date": "2013-06-18T00:00:00",
        "db": "BID",
        "id": "60601"
      },
      {
        "date": "2013-06-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003112"
      },
      {
        "date": "2013-06-24T22:30:41.597000",
        "db": "NVD",
        "id": "CVE-2013-4614"
      },
      {
        "date": "2013-09-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201306-389"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-389"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Canon Vulnerability in collecting important information in printers",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003112"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "trust management",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-389"
      }
    ],
    "trust": 0.6
  }
}

GSD-2013-4614

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-4614

Aliases

CVE-2013-4614

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-4614",
    "description": "English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation.",
    "id": "GSD-2013-4614",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2013-4614"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-4614"
      ],
      "details": "English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation.",
      "id": "GSD-2013-4614",
      "modified": "2023-12-13T01:22:15.886206Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2013-4614",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb",
            "refsource": "MISC",
            "url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb"
          },
          {
            "name": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html",
            "refsource": "MISC",
            "url": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html"
          },
          {
            "name": "20130618 Canon Wireless Printer Disclosure \u0026 DoS",
            "refsource": "FULLDISC",
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:canon:mp340_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mx922_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mx870_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mx890_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mg5300_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mp495_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mx920_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mg3100_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:mg6100_printer:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-4614"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-255"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb",
              "refsource": "MISC",
              "tags": [],
              "url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb"
            },
            {
              "name": "20130618 Canon Wireless Printer Disclosure \u0026 DoS",
              "refsource": "FULLDISC",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html"
            },
            {
              "name": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-06-24T22:30Z",
      "publishedDate": "2013-06-21T21:55Z"
    }
  }
}

GHSA-XQ8C-W262-V25H

Vulnerability from github – Published: 2022-05-17 05:08 – Updated: 2022-05-17 05:08

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-4614"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-06-21T21:55:00Z",
    "severity": "LOW"
  },
  "details": "English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation.",
  "id": "GHSA-xq8c-w262-v25h",
  "modified": "2022-05-17T05:08:17Z",
  "published": "2022-05-17T05:08:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4614"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html"
    },
    {
      "type": "WEB",
      "url": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2013-4614

Vulnerability from fkie_nvd - Published: 2013-06-21 21:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

	URL	Tags
	cve@mitre.org	http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html
	cve@mitre.org	http://www.mattandreko.com/2013/06/canon-y-u-no-security.html
	cve@mitre.org	https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb
	af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html
	af854a3a-2127-422b-91ae-364da2661108	http://www.mattandreko.com/2013/06/canon-y-u-no-security.html
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb

Impacted products

Vendor	Product	Version
canon	mg3100_printer	-
canon	mg5300_printer	-
canon	mg6100_printer	-
canon	mp340_printer	-
canon	mp495_printer	-
canon	mx870_printer	-
canon	mx890_printer	-
canon	mx920_printer	-
canon	mx922_printer	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:canon:mg3100_printer:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA808CB1-E232-45A7-8913-03DDD4D967AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:canon:mg5300_printer:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A7BF24E-0FE5-41E6-B4AF-5CEC5ED0AB3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:canon:mg6100_printer:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C007C65-9187-4593-B236-025831220B8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:canon:mp340_printer:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F038B929-787C-4350-B1A4-F2E0F12969FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:canon:mp495_printer:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A7687B9-537C-47CB-AA7B-DE57725B6E89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:canon:mx870_printer:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "555BD45B-2B53-42BE-B76B-03205EADD821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:canon:mx890_printer:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD762566-16C3-4391-B3C4-A0247AA082AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:canon:mx920_printer:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C74EB1F2-29DA-4835-B2D0-AB96CB1B4FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:canon:mx922_printer:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F6F82C-6EF6-40E6-A6C5-D2B4952B02FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation."
    },
    {
      "lang": "es",
      "value": "English/pages_MacUS/wls_set_content.html en impresoras Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, y MX922 muestra la contrase\u00f1a de paso (passphrase) en texto plano, lo que permite a atacantes f\u00edsicamente pr\u00f3ximos  obtener informaci\u00f3n sensible mediante la lectura de la pantalla de una estaci\u00f3n de trabajo."
    }
  ],
  "id": "CVE-2013-4614",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-06-21T21:55:01.033",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-4614 (GCVE-0-2013-4614)

VAR-201306-0343

1 (CVE-2013-4613): Canon printers do not require a password for the

2 (CVE-2013-4614): The administrative interface on these printers allow a

3 (CVE-2013-4615): There is a denial of service condition in the

GSD-2013-4614

GHSA-XQ8C-W262-V25H

FKIE_CVE-2013-4614

Tags

Sightings

Nomenclature