VAR-201601-0529
Vulnerability from variot - Updated: 2023-12-18 12:06Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. http://cwe.mitre.org/data/definitions/254.htmlAuthentication may be circumvented by a third party using unauthorized detection of the security jumper status. Lexmarkprinter is a printer product from Lexmark. A remote attacker bypasses authentication by incorrect detection of the security-jumper state. Lexmark Laser Printers are prone to a local authentication-bypass vulnerability. A local attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks. The following versions are affected: Lexmark printers using ATL versions prior to ATL.02.049, CB versions prior to CB.02.049, PP versions prior to PP.02.049, and YK versions prior to YK.02.049
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0529",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "printer",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "yk.02.048"
},
{
"model": "printer",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "cb.02.048"
},
{
"model": "printer",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "atl.02.048"
},
{
"model": "printer",
"scope": "lte",
"trust": 1.0,
"vendor": "lexmark",
"version": "pp.02.048"
},
{
"model": "xc8155de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "lt",
"trust": 0.8,
"vendor": "lexmark",
"version": "pp"
},
{
"model": "cx860de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825dtfe",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825dte",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8160de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cs720de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8155dte",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "eq",
"trust": 0.8,
"vendor": "lexmark",
"version": "pp.02.049"
},
{
"model": "cx860dte",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "lt",
"trust": 0.8,
"vendor": "lexmark",
"version": "atl"
},
{
"model": "xc6152de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "lt",
"trust": 0.8,
"vendor": "lexmark",
"version": "yk"
},
{
"model": "cs725dte",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "xc6152dtfe",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "eq",
"trust": 0.8,
"vendor": "lexmark",
"version": "atl.02.049"
},
{
"model": "xc4150",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx820dtfe",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820dtfe",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "c6160",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "c4150",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx860dtfe",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "lt",
"trust": 0.8,
"vendor": "lexmark",
"version": "cb"
},
{
"model": "cs820dte",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx820de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725dthe",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "eq",
"trust": 0.8,
"vendor": "lexmark",
"version": "cb.02.049"
},
{
"model": "xc8160dte",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725dhe",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cs725de",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "cs720dte",
"scope": null,
"trust": 0.8,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "eq",
"trust": 0.8,
"vendor": "lexmark",
"version": "yk.02.049"
},
{
"model": "laser printer atl.02.049",
"scope": "lt",
"trust": 0.6,
"vendor": "lexmark",
"version": null
},
{
"model": "laser printer cb",
"scope": null,
"trust": 0.6,
"vendor": "lexmark",
"version": null
},
{
"model": "laser printer pp",
"scope": null,
"trust": 0.6,
"vendor": "lexmark",
"version": null
},
{
"model": "laser printer yk",
"scope": null,
"trust": 0.6,
"vendor": "lexmark",
"version": null
},
{
"model": "printer",
"scope": "eq",
"trust": 0.6,
"vendor": "lexmark",
"version": "atl.02.048"
},
{
"model": "printer",
"scope": "eq",
"trust": 0.6,
"vendor": "lexmark",
"version": "pp.02.048"
},
{
"model": "printer",
"scope": "eq",
"trust": 0.6,
"vendor": "lexmark",
"version": "cb.02.048"
},
{
"model": "printer",
"scope": "eq",
"trust": 0.6,
"vendor": "lexmark",
"version": "yk.02.048"
},
{
"model": "xc8160dte pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8160de pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8155dte pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8155de pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc6152dtfe pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc6152de pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc4150 atl.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx860dtfe pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx860dte pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx860de pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825dtfe pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825dte pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825de pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx820dtfe pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx820de pp.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725dthe atl.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725dhe atl.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725de atl.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820dtfe yk.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820dte yk.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820de yk.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs725de cb.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs720dte cb.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs720de cb.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "c6160 yk.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "c4150 cb.02.048",
"scope": null,
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8160dte pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8160de pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8155dte pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc8155de pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc6152dtfe pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc6152de pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "xc4150 atl.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx860dtfe pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx860dte pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx860de pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825dtfe pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825dte pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx825de pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx820dtfe pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx820de pp.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725dthe atl.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725dhe atl.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cx725de atl.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820dtfe yk.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820dte yk.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs820de yk.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs725de cb.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs720dte cb.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "cs720de cb.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "c6160 yk.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
},
{
"model": "c4150 cb.02.049",
"scope": "ne",
"trust": 0.3,
"vendor": "lexmark",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "BID",
"id": "82117"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"db": "NVD",
"id": "CVE-2016-1896"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-647"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "cb.02.048",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:lexmark:cs725de:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:cs720de:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:c4150:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:cs725dte:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:cs720dte:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "atl.02.048",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:lexmark:cx725dhe:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:xc4150:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:cx725dthe:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:cx725de:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "yk.02.048",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:lexmark:cs820de:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:c6160:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:cs820dtfe:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:cs820dte:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "pp.02.048",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:lexmark:cx860dtfe:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:cx860de:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:xc6152de:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:cx820de:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:xc8160dte:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:xc8160de:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:xc8155de:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:cx825dte:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:cx825dtfe:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:cx825de:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:cx860dte:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:xc8155dte:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:xc6152dtfe:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:lexmark:cx820dtfe:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1896"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "82117"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1896",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-1896",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-00801",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-90715",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-1896",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-1896",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-00801",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-647",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-90715",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "VULHUB",
"id": "VHN-90715"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"db": "NVD",
"id": "CVE-2016-1896"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-647"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. http://cwe.mitre.org/data/definitions/254.htmlAuthentication may be circumvented by a third party using unauthorized detection of the security jumper status. Lexmarkprinter is a printer product from Lexmark. A remote attacker bypasses authentication by incorrect detection of the security-jumper state. Lexmark Laser Printers are prone to a local authentication-bypass vulnerability. \nA local attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks. The following versions are affected: Lexmark printers using ATL versions prior to ATL.02.049, CB versions prior to CB.02.049, PP versions prior to PP.02.049, and YK versions prior to YK.02.049",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1896"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "BID",
"id": "82117"
},
{
"db": "VULHUB",
"id": "VHN-90715"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1896",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-00801",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201601-647",
"trust": 0.6
},
{
"db": "BID",
"id": "82117",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-90715",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "VULHUB",
"id": "VHN-90715"
},
{
"db": "BID",
"id": "82117"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"db": "NVD",
"id": "CVE-2016-1896"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-647"
}
]
},
"id": "VAR-201601-0529",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "VULHUB",
"id": "VHN-90715"
}
],
"trust": 1.5
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
}
]
},
"last_update_date": "2023-12-18T12:06:16.229000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "TE745",
"trust": 0.8,
"url": "http://support.lexmark.com/index?page=content\u0026id=te745"
},
{
"title": "Lexmark printer competition conditional vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/71102"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
},
{
"problemtype": "CWE-254",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90715"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"db": "NVD",
"id": "CVE-2016-1896"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://support.lexmark.com/index?page=content\u0026id=te745"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1896"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1896"
},
{
"trust": 0.7,
"url": "http://support.lexmark.com/index?page=content\u0026amp;id=te745"
},
{
"trust": 0.3,
"url": "http://www.lexmark.com/"
},
{
"trust": 0.3,
"url": "http://support.lexmark.com/index?page=content\u0026id=te745\u0026locale=en\u0026userlocale=en_us"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "VULHUB",
"id": "VHN-90715"
},
{
"db": "BID",
"id": "82117"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"db": "NVD",
"id": "CVE-2016-1896"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-647"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"db": "VULHUB",
"id": "VHN-90715"
},
{
"db": "BID",
"id": "82117"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"db": "NVD",
"id": "CVE-2016-1896"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-647"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"date": "2016-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-90715"
},
{
"date": "2016-01-25T00:00:00",
"db": "BID",
"id": "82117"
},
{
"date": "2016-02-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"date": "2016-01-27T05:59:04.307000",
"db": "NVD",
"id": "CVE-2016-1896"
},
{
"date": "2016-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-647"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00801"
},
{
"date": "2016-02-01T00:00:00",
"db": "VULHUB",
"id": "VHN-90715"
},
{
"date": "2016-01-25T00:00:00",
"db": "BID",
"id": "82117"
},
{
"date": "2016-02-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001341"
},
{
"date": "2016-02-01T01:16:57.730000",
"db": "NVD",
"id": "CVE-2016-1896"
},
{
"date": "2016-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-647"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-647"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lexmark Vulnerability that bypasses authentication in printer firmware initialization process",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001341"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-647"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…