CVE-2013-6033

Name: CVE-2013-6033
Creator: NVD / NIST
Published: 2014-02-04T05:39:08.213+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.71%

Last modified Jun 16, 2026

CVE-2013-6033 is a vulnerability of currently unknown severity. Multiple cross-site scripting (XSS) vulnerabilities on Lexmark W840 through LS.HA.P252, T64x before LS.ST.P344, C935dn through LC.JO.P091, C920 through LS.TA.P152, C53x through LS.SW.P069, C52x through LS.FA.P150, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allow remote authenticated users to inject arbitrary web script or HTML by using (1) SNMP or (2) the Embedded Web Server (EWS) to set the (a) Contact or (b) Location field.. EPSS estimates a 1.71% chance of exploitation in the next 30 days.

Description

Multiple cross-site scripting (XSS) vulnerabilities on Lexmark W840 through LS.HA.P252, T64x before LS.ST.P344, C935dn through LC.JO.P091, C920 through LS.TA.P152, C53x through LS.SW.P069, C52x through LS.FA.P150, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allow remote authenticated users to inject arbitrary web script or HTML by using (1) SNMP or (2) the Embedded Web Server (EWS) to set the (a) Contact or (b) Location field.

Metrics

EPSS Probability

1.71%

74.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-79

Affected Software

Vendor	Product	Versions
Lexmark	C52x	<= ls.fa.p150
Lexmark	C53x	<= ls.sw.p069
Lexmark	C920	<= ls.ta.p152
Lexmark	C935dn	<= lc.jo.p091
Lexmark	E250	<= le.pm.p126
Lexmark	E350	<= le.ph.p129
Lexmark	E450	<= lm.sz.p124
Lexmark	T64x	<= ls.st.p343
Lexmark	W840	<= ls.ha.p252

References

http://support.lexmark.com/index?page=content&id=TE585Vendor Advisory
http://www.kb.cert.org/vuls/id/108062US Government Resource
http://www.osvdb.org/102752
http://www.securityfocus.com/bid/65277
http://support.lexmark.com/index?page=content&id=TE585Vendor Advisory
http://www.kb.cert.org/vuls/id/108062US Government Resource
http://www.osvdb.org/102752
http://www.securityfocus.com/bid/65277

Timeline

Published: Feb 4, 2014
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2013-6033?

How severe is CVE-2013-6033?

Severity scoring for CVE-2013-6033 is pending analysis. The EPSS model estimates a 1.71% probability of exploitation in the next 30 days.

How do I fix CVE-2013-6033?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-6033?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST