cbcvebase.
CVE-2014-4338
published 2014-06-22

CVE-2014-4338: cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a…

PriorityP426medium4CVSS 2.0
AVNACHAuNCPIPAN
EPSS
3.01%
85.7th percentile
cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses.

Affected

6 ranges
VendorProductVersion rangeFixed in
debiancups-filters< cups-filters 1.0.53-1 (bookworm)cups-filters 1.0.53-1 (bookworm)
linuxfoundationcups-filters<= 1.0.52
linuxfoundationcups-filters>= 0 < 1.0.53-11.0.53-1
linuxfoundationcups-filters>= 0 < 1.0.53-11.0.53-1
linuxfoundationcups-filters>= 0 < 1.0.53-11.0.53-1
linuxfoundationcups-filters>= 0 < 1.0.53-11.0.53-1

CVSS provenance

nvdv2.04.0MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:N
osv4.0MEDIUM
vendor_debian4.0MEDIUM
vendor_redhat4.0MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.