Sign-up

ID

VAR-201908-1622


CVE

CVE-2019-10059


TITLE

Lexmark Vulnerabilities related to security functions in devices

Trust: 0.8

sources: JVNDB: JVNDB-2019-008728

DESCRIPTION

The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices. Lexmark The device contains vulnerabilities related to security functions.Information may be obtained. Lexmark CS31x and others are all printers from Lexmark. This vulnerability is due to the lack of security measures such as authentication, access control, and rights management in network systems or products. The following products and versions are affected: Lexmark CS31x using LW71.VYL.P233 and earlier; CS41x using LW71.VY2.P233 and earlier; CS51x using LW71.VY4.P233 and earlier; using LW71.GM2.P233 and earlier version of the CX310, etc

Trust: 1.71

sources: NVD: CVE-2019-10059 // JVNDB: JVNDB-2019-008728 // VULHUB: VHN-141229

AFFECTED PRODUCTS

vendor:lexmarkmodel:ms315scope:lteversion:lw71.tl2.p233

Trust: 1.0

vendor:lexmarkmodel:x95xscope:lteversion:lhs60.tq.p705

Trust: 1.0

vendor:lexmarkmodel:ms417scope:lteversion:lw71.tl2.p233

Trust: 1.0

vendor:lexmarkmodel:xm51xxscope:lteversion:lw71.tu.p233

Trust: 1.0

vendor:lexmarkmodel:xm1135scope:lteversion:lw71.sb2.p233

Trust: 1.0

vendor:lexmarkmodel:ms817scope:lteversion:lw71.dn2.p233

Trust: 1.0

vendor:lexmarkmodel:xm91xscope:lteversion:lw71.mg.p233

Trust: 1.0

vendor:lexmarkmodel:c748scope:lteversion:lhs60.cm4.p705

Trust: 1.0

vendor:lexmarkmodel:x46xscope:lteversion:lr.bs.p815

Trust: 1.0

vendor:lexmarkmodel:m5155scope:lteversion:lw71.dn4.p233

Trust: 1.0

vendor:lexmarkmodel:c950scope:lteversion:lhs60.tp.p705

Trust: 1.0

vendor:lexmarkmodel:c734scope:lteversion:lr.sk.p815

Trust: 1.0

vendor:lexmarkmodel:mx610scope:lteversion:lw71.sb7.p233

Trust: 1.0

vendor:lexmarkmodel:m3150dnscope:lteversion:lw71.pr2.p233

Trust: 1.0

vendor:lexmarkmodel:ms810descope:lteversion:lw71.dn4.p233

Trust: 1.0

vendor:lexmarkmodel:ms617scope:lteversion:lw71.pr2.p233

Trust: 1.0

vendor:lexmarkmodel:m5170scope:lteversion:lw71.dn7.p233

Trust: 1.0

vendor:lexmarkmodel:mx511scope:lteversion:lw71.sb4.p233

Trust: 1.0

vendor:lexmarkmodel:mx81xscope:lteversion:lw71.tu.p233

Trust: 1.0

vendor:lexmarkmodel:c746scope:lteversion:lhs60.cm2.p705

Trust: 1.0

vendor:lexmarkmodel:x792scope:lteversion:lhs60.mr.p705

Trust: 1.0

vendor:lexmarkmodel:xs95xscope:lteversion:lhs60.tq.p705

Trust: 1.0

vendor:lexmarkmodel:6500escope:lteversion:lhs60.jr.p705

Trust: 1.0

vendor:lexmarkmodel:x73xscope:lteversion:lr.fl.p815

Trust: 1.0

vendor:lexmarkmodel:mx410scope:lteversion:lw71.sb4.p233

Trust: 1.0

vendor:lexmarkmodel:ms818scope:lteversion:lw71.dn2.p233

Trust: 1.0

vendor:lexmarkmodel:ms91xscope:lteversion:lw71.sa.p233

Trust: 1.0

vendor:lexmarkmodel:m1145scope:lteversion:lw71.pr2.p233

Trust: 1.0

vendor:lexmarkmodel:cs796scope:lteversion:lhs60.hc.p705

Trust: 1.0

vendor:lexmarkmodel:x74xscope:lteversion:lhs60.ny.p705

Trust: 1.0

vendor:lexmarkmodel:ms71xscope:lteversion:lw71.dn2.p233

Trust: 1.0

vendor:lexmarkmodel:m5163scope:lteversion:lw71.dn4.p233

Trust: 1.0

vendor:lexmarkmodel:mx91xscope:lteversion:lw71.mg.p233

Trust: 1.0

vendor:lexmarkmodel:xs548scope:lteversion:lhs60.vk.p705

Trust: 1.0

vendor:lexmarkmodel:e46xscope:lteversion:lr.lbh.p815

Trust: 1.0

vendor:lexmarkmodel:t65xscope:lteversion:lr.jp.p815

Trust: 1.0

vendor:lexmarkmodel:ms317scope:lteversion:lw71.prl.p233

Trust: 1.0

vendor:lexmarkmodel:cs41xscope:lteversion:lw71.vy2.p233

Trust: 1.0

vendor:lexmarkmodel:c925scope:lteversion:lhs60.hv.p705

Trust: 1.0

vendor:lexmarkmodel:xs925scope:lteversion:lhs60.hk.p705

Trust: 1.0

vendor:lexmarkmodel:c736scope:lteversion:lr.ske.p815

Trust: 1.0

vendor:lexmarkmodel:cs748scope:lteversion:lhs60.cm4.p705

Trust: 1.0

vendor:lexmarkmodel:ms610dnscope:lteversion:lw71.pr2.p233

Trust: 1.0

vendor:lexmarkmodel:ms310scope:lteversion:lw71.prl.p233

Trust: 1.0

vendor:lexmarkmodel:xm3150scope:lteversion:lw71.sb7.p233

Trust: 1.0

vendor:lexmarkmodel:m1140scope:lteversion:lw71.prl.p233

Trust: 1.0

vendor:lexmarkmodel:cx310scope:lteversion:lw71.gm2.p233

Trust: 1.0

vendor:lexmarkmodel:ms812scope:lteversion:lw71.dn2.p233

Trust: 1.0

vendor:lexmarkmodel:x86xscope:lteversion:lp.sp.p815

Trust: 1.0

vendor:lexmarkmodel:ms812descope:lteversion:lw71.dn7.p233

Trust: 1.0

vendor:lexmarkmodel:c792scope:lteversion:lhs60.hc.p705

Trust: 1.0

vendor:lexmarkmodel:ms312scope:lteversion:lw71.prl.p233

Trust: 1.0

vendor:lexmarkmodel:m5163dnscope:lteversion:lw71.dn2.p233

Trust: 1.0

vendor:lexmarkmodel:cs31xscope:lteversion:lw71.vyl.p233

Trust: 1.0

vendor:lexmarkmodel:x65xscope:lteversion:lr.mn.p815

Trust: 1.0

vendor:lexmarkmodel:mx71xscope:lteversion:lw71.tu.p233

Trust: 1.0

vendor:lexmarkmodel:mx6500escope:lteversion:lw71.jd.p233

Trust: 1.0

vendor:lexmarkmodel:mx510scope:lteversion:lw71.sb4.p233

Trust: 1.0

vendor:lexmarkmodel:mx31xscope:lteversion:lw71.sb2.p233

Trust: 1.0

vendor:lexmarkmodel:w850scope:lteversion:lp.jb.p815

Trust: 1.0

vendor:lexmarkmodel:x548scope:lteversion:lhs60.vk.p705

Trust: 1.0

vendor:lexmarkmodel:xm71xxscope:lteversion:lw71.tu.p233

Trust: 1.0

vendor:lexmarkmodel:ms415scope:lteversion:lw71.tl2.p233

Trust: 1.0

vendor:lexmarkmodel:xs748scope:lteversion:lhs60.ny.p705

Trust: 1.0

vendor:lexmarkmodel:ms811scope:lteversion:lw71.dn2.p233

Trust: 1.0

vendor:lexmarkmodel:x925scope:lteversion:lhs60.hk.p705

Trust: 1.0

vendor:lexmarkmodel:xs79xscope:lteversion:lhs60.mr.p705

Trust: 1.0

vendor:lexmarkmodel:ms810scope:lteversion:lw71.dn2.p233

Trust: 1.0

vendor:lexmarkmodel:ms410scope:lteversion:lw71.prl.p233

Trust: 1.0

vendor:lexmarkmodel:ms51xscope:lteversion:lw71.pr2.p233

Trust: 1.0

vendor:lexmarkmodel:mx611scope:lteversion:lw71.sb7.p233

Trust: 1.0

vendor:lexmarkmodel:cs31xscope: - version: -

Trust: 0.8

vendor:lexmarkmodel:cs41xscope: - version: -

Trust: 0.8

vendor:lexmarkmodel:cx310scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms1140scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms310scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms312scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms315scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms317scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms410scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms415scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2019-008728 // NVD: CVE-2019-10059

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-10059
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-10059
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201908-2164
value: MEDIUM

Trust: 0.6

VULHUB: VHN-141229
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-10059
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-141229
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-10059
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-141229 // JVNDB: JVNDB-2019-008728 // CNNVD: CNNVD-201908-2164 // NVD: CVE-2019-10059

PROBLEMTYPE DATA

problemtype:CWE-254

Trust: 1.9

sources: VULHUB: VHN-141229 // JVNDB: JVNDB-2019-008728 // NVD: CVE-2019-10059

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-2164

TYPE

security feature problem

Trust: 0.6

sources: CNNVD: CNNVD-201908-2164

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-008728

PATCH
title:TE923url:http://support.lexmark.com/index?page=content&id=TE923&locale=EN&userlocale=EN_US
Trust: 0.8
title:Multiple Lexmark Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97648
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-008728 // 
            
            
            
            CNNVD: CNNVD-201908-2164

EXTERNAL IDS
db:NVDid:CVE-2019-10059
Trust: 2.5
db:JVNDBid:JVNDB-2019-008728
Trust: 0.8
db:CNNVDid:CNNVD-201908-2164
Trust: 0.7
db:VULHUBid:VHN-141229
Trust: 0.1
sources:
            
            
            VULHUB: VHN-141229 // 
            
            
            
            JVNDB: JVNDB-2019-008728 // 
            
            
            
            CNNVD: CNNVD-201908-2164 // 
            
            
            
            NVD: CVE-2019-10059

REFERENCES
url:http://support.lexmark.com/index?page=content&id=te923&locale=en&userlocale=en_us
Trust: 1.6
url:https://nvd.nist.gov/vuln/detail/cve-2019-10059
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10059
Trust: 0.8
url:http://support.lexmark.com/index?page=content&id=te923&locale=en&userlocale=en_us
Trust: 0.1
sources:
            
            
            VULHUB: VHN-141229 // 
            
            
            
            JVNDB: JVNDB-2019-008728 // 
            
            
            
            CNNVD: CNNVD-201908-2164 // 
            
            
            
            NVD: CVE-2019-10059

SOURCES
db:VULHUBid:VHN-141229
db:JVNDBid:JVNDB-2019-008728
db:CNNVDid:CNNVD-201908-2164
db:NVDid:CVE-2019-10059

LAST UPDATE DATE
2024-11-23T21:59:43+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-141229date:2019-09-03T00:00:00
db:JVNDBid:JVNDB-2019-008728date:2019-09-05T00:00:00
db:CNNVDid:CNNVD-201908-2164date:2019-09-04T00:00:00
db:NVDid:CVE-2019-10059date:2024-11-21T04:18:18.470

SOURCES RELEASE DATE
db:VULHUBid:VHN-141229date:2019-08-28T00:00:00
db:JVNDBid:JVNDB-2019-008728date:2019-09-05T00:00:00
db:CNNVDid:CNNVD-201908-2164date:2019-08-28T00:00:00
db:NVDid:CVE-2019-10059date:2019-08-28T22:15:11.703