Strix
26.1K

CVE-2013-6032

UnknownEPSS 3.18%

Last modified

CVE-2013-6032 is a vulnerability of currently unknown severity. cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and X646 before LC2.MC.P374, X642 through LC2.MB.P318, W840 through LS.HA.P252, T64x before LS.ST.P344, X64xef through LC2.TI.P325, C935dn through LC.JO.P091, C920 through LS.TA.P152, C78x through LC.IO.P187, X78x through LC2.IO.P335, C77x through LC.CM.P052, X772 through LC2.TR.P291, C53x through LS.SW.P069, C52x through LS.FA.P150, 25xxN through LCL.CU.P114, N4000 through LC.MD.P119, N4050e through GO.GO.N206, N70xxe through LC.CO.N309, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allows remote attackers to remove the Password Protect administrative password via the vac.255.GENPASSWORD parameter.. EPSS estimates a 3.18% chance of exploitation in the next 30 days.

Description

cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and X646 before LC2.MC.P374, X642 through LC2.MB.P318, W840 through LS.HA.P252, T64x before LS.ST.P344, X64xef through LC2.TI.P325, C935dn through LC.JO.P091, C920 through LS.TA.P152, C78x through LC.IO.P187, X78x through LC2.IO.P335, C77x through LC.CM.P052, X772 through LC2.TR.P291, C53x through LS.SW.P069, C52x through LS.FA.P150, 25xxN through LCL.CU.P114, N4000 through LC.MD.P119, N4050e through GO.GO.N206, N70xxe through LC.CO.N309, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allows remote attackers to remove the Password Protect administrative password via the vac.255.GENPASSWORD parameter.

Metrics

EPSS Probability
3.18%

86.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
Lexmark25xxn<= lcl.cu.p114
LexmarkC52x<= ls.fa.p150
LexmarkC53x<= ls.sw.p069
LexmarkC77x<= lc.cm.p052
LexmarkC78x<= lc.io.p187
LexmarkC920<= ls.ta.p152
LexmarkC935dn<= lc.jo.p091
LexmarkE250<= le.pm.p126
LexmarkE350<= le.ph.p129
LexmarkE450<= lm.sz.p124
LexmarkN4000<= lc.md.p119
LexmarkN4050e<= go.go.n206
LexmarkN70xxe<= lc.co.n309
LexmarkT64x<= ls.st.p343
LexmarkW840<= ls.ha.p252
LexmarkX642<= lc2.mb.p318
LexmarkX644<= lc4.be.p487
LexmarkX646<= lc2.mc.p373
LexmarkX64xef<= lc2.ti.p325
LexmarkX772<= lc2.tr.p291
LexmarkX78x<= lc2.io.p335
LexmarkX85x<= lc4.be.p487
LexmarkX94x<= lc.br.p141

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2013-6032?
cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and X646 before LC2.MC.P374, X642 through LC2.MB.P318, W840 through LS.HA.P252, T64x before LS.ST.P344, X64xef through LC2.TI.P325, C935dn through LC.JO.P091, C920 through LS.TA.P152, C78x through LC.IO.P187, X78x through LC2.IO.P335, C77x through LC.CM.P052, X772 through LC2.TR.P291, C53x through LS.SW.P069, C52x through LS.FA.P150, 25xxN through LCL.CU.P114, N4000 through LC.MD.P119, N4050e through GO.GO.N206, N70xxe through LC.CO.N309, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allows remote attackers to remove the Password Protect administrative password via the vac.255.GENPASSWORD parameter.
How severe is CVE-2013-6032?
Severity scoring for CVE-2013-6032 is pending analysis. The EPSS model estimates a 3.18% probability of exploitation in the next 30 days.
How do I fix CVE-2013-6032?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-6032?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST