CVE-2011-3269
HIGHCVSS 7.5/10EPSS 1.10%
Last modified
CVE-2011-3269 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. Lexmark X, W, T, E, C, 6500e, and 25xxN devices before 2011-11-15 allow attackers to obtain sensitive information via a hidden email address in a Scan To Email shortcut.. EPSS estimates a 1.10% chance of exploitation in the next 30 days.
Description
Lexmark X, W, T, E, C, 6500e, and 25xxN devices before 2011-11-15 allow attackers to obtain sensitive information via a hidden email address in a Scan To Email shortcut.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Lexmark | X950 Firmware | <= lhs1.tq.p145h |
| Lexmark | X952 Firmware | <= lhs1.tq.p145h |
| Lexmark | X954 Firmware | <= lhs1.tq.p145h |
| Lexmark | X940e Firmware | <= lc.br.p051hds |
| Lexmark | X945e Firmware | <= lc.br.p051hds |
| Lexmark | X925de Firmware | <= lhs1.hk.p136l |
| Lexmark | X860 Firmware | <= lp.sp.p510b |
| Lexmark | X862 Firmware | <= lp.sp.p510b |
| Lexmark | X864 Firmware | <= lp.sp.p510b |
| Lexmark | X850 Firmware | <= lc4.be.p457s |
| Lexmark | X852 Firmware | <= lc4.be.p457s |
| Lexmark | X854 Firmware | <= lc4.be.p457s |
| Lexmark | X792de Firmware | <= lhs1.mr.p135l |
| Lexmark | X782e Firmware | <= lc2.to.p305cs |
| Lexmark | X772e Firmware | <= lc.tr.p275s |
| Lexmark | X734 Firmware | <= lr.fl.p510b |
| Lexmark | X736 Firmware | <= lr.fl.p510b |
| Lexmark | X738 Firmware | <= lr.fl.p510b |
| Lexmark | X650 Firmware | <= lr.mn.p510b |
| Lexmark | X644 Firmware | <= lc2.mc.p307as |
| Lexmark | X646 Firmware | <= lc2.mc.p307as |
| Lexmark | X642 Firmware | <= lc2.mb.p307cs |
| Lexmark | X548de Firmware | <= lhs1.vk.p141i |
| Lexmark | X546 Firmware | <= ll.el.p433 |
| Lexmark | X543 Firmware | <= ll.el.p433 |
| Lexmark | X544 Firmware | <= ll.el.p433 |
| Lexmark | X46x Firmware | <= lr.bs.p510b |
| Lexmark | X422 Firmware | <= gn.aq.p202 |
| Lexmark | X36x Firmware | <= ll.bz.p433 |
| Lexmark | X34x Firmware | <= 401.ec4 |
| Lexmark | X264 Firmware | <= lm1.mt.p232 |
| Lexmark | W850 Firmware | <= lp.jb.p510 |
| Lexmark | W840 Firmware | <= ls.ha.p121s |
| Lexmark | T656 Firmware | <= lsj.sj.p019s |
| Lexmark | T650 Firmware | <= lr.jp.p510 |
| Lexmark | T652 Firmware | <= lr.jp.p510 |
| Lexmark | T654 Firmware | <= lr.jp.p510 |
| Lexmark | T640 Firmware | <= ls.st.p240s |
| Lexmark | T642 Firmware | <= ls.st.p240s |
| Lexmark | T644 Firmware | <= ls.st.p240s |
| Lexmark | T440 Firmware | <= jx.ju.p101 |
| Lexmark | E462 Firmware | <= lr.lbh.p510 |
| Lexmark | E460 Firmware | <= lr.lbh.p510 |
| Lexmark | E450 Firmware | <= lm.sz.p113vcref |
| Lexmark | E350 Firmware | <= le.ph.p121 |
| Lexmark | E340 Firmware | <= br.h.p204 |
| Lexmark | E342 Firmware | <= br.h.p204 |
| Lexmark | E330 Firmware | <= 141.c09 |
| Lexmark | E332n Firmware | <= 141.c09 |
| Lexmark | E234 Firmware | <= 141.c09 |
Showing 50 of 84 affected configurations. See NVD for the full list.
References
- http://contentdelivery.lexmark.com/webcontent/Email_shortcut_vulnerability.pdfThird Party Advisory
- http://contentdelivery.lexmark.com/webcontent/Email_shortcut_vulnerability.pdfThird Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2011-3269?
Lexmark X, W, T, E, C, 6500e, and 25xxN devices before 2011-11-15 allow attackers to obtain sensitive information via a hidden email address in a Scan To Email shortcut.
How severe is CVE-2011-3269?
CVE-2011-3269 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 1.10% probability of exploitation in the next 30 days.
How do I fix CVE-2011-3269?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2011-3269?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST