This vulnerability potentially allows unauthorized enumeration of information from the embedded device APIs. An attacker must already have existing knowledge of some combination of valid usernames, device names and an internal system key. For such an attack to be successful the system must be in a specific runtime state.
References
| Link | Resource |
|---|---|
| https://www.papercut.com/kb/Main/Security-Bulletin-March-2024 | Vendor Advisory |
| https://www.papercut.com/kb/Main/Security-Bulletin-March-2024 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
23 Jan 2025, 20:29
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | NVD-CWE-Other | |
| References | () https://www.papercut.com/kb/Main/Security-Bulletin-March-2024 - Vendor Advisory | |
| First Time |
Apple macos
Linux linux Kernel Papercut Papercut papercut Ng Apple Microsoft Linux Microsoft windows Papercut papercut Mf |
|
| CPE | cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:* cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
21 Nov 2024, 08:50
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.papercut.com/kb/Main/Security-Bulletin-March-2024 - |
26 Sep 2024, 04:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-488 |
14 Mar 2024, 03:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-03-14 03:15
Updated : 2025-01-23 20:29
NVD link : CVE-2024-1223
Mitre link : CVE-2024-1223
CVE.ORG link : CVE-2024-1223
JSON object : View
Products Affected
papercut
- papercut_mf
- papercut_ng
microsoft
- windows
linux
- linux_kernel
apple
- macos
CWE