CVE-2023-0858

CWE-284Improper Access ControlCWE-287Improper Authentication3 documents3 sources
Severity
5.3MEDIUM
EPSS
0.1%
top 69.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
46
Canon I-sensys Lbp621cw FirmwareCanon I-sensys Lbp623cdw FirmwareCanon I-sensys Lbp633cdw Firmware+43 more
Timeline
PublishedMay 11

Description

Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger unauthorized access to the product. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF74

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 1.6 | Impact: 1.4

Affected Packages46 packages

CVEListV5canon_inc./canon_office/small_office_multifunction_printers_and_laser_printersSatera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.

🔴Vulnerability Details

2
GHSA
GHSA-fg53-q2jq-9xxq: Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network s2023-05-11
CVEList
CVE-2023-0858: Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network s2023-05-11