CVE-2019-18791

medium

Description

Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser.

References

http://support.lexmark.com/index?page=content&id=TE933&modifiedDate=02/04/20&actp=LIST_RECENT&userlocale=EN_US&locale=en

http://support.lexmark.com/alerts/

Details

Source: Mitre, NVD

Published: 2020-02-13

Updated: 2020-02-20

Risk Information

CVSS v2

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00298

Detections

Analytics