CVE-2011-4538 : Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to obtain se

Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to obtain sensitive information by reading passwords within exported settings.

Published 2020-03-09 19:15:12

Updated 2020-03-10 19:55:51

Source MITRE

View at NVD, CVE.org

Vulnerability category: Information leak

Products affected by CVE-2011-4538

Lexmark » C734 Firmware
Versions up to, including, (<=) lr.sk.p224a
cpe:2.3:o:lexmark:c734_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » C734 » Version: N/A
Lexmark » C736 Firmware
Versions up to, including, (<=) lr.sk.p224a
cpe:2.3:o:lexmark:c736_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » C736 » Version: N/A
Lexmark » W850 Firmware
Versions up to, including, (<=) lp.jb.p108
cpe:2.3:o:lexmark:w850_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » W850 » Version: N/A
Lexmark » X860 Firmware
Versions up to, including, (<=) lp.sp.p108
cpe:2.3:o:lexmark:x860_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X860 » Version: N/A
Lexmark » X862 Firmware
Versions up to, including, (<=) lp.sp.p108
cpe:2.3:o:lexmark:x862_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X862 » Version: N/A
Lexmark » X864 Firmware
Versions up to, including, (<=) lp.sp.p108
cpe:2.3:o:lexmark:x864_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X864 » Version: N/A
Lexmark » X734 Firmware
Versions up to, including, (<=) lr.fl.p224c
cpe:2.3:o:lexmark:x734_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X734 » Version: N/A
Lexmark » X736 Firmware
Versions up to, including, (<=) lr.fl.p224c
cpe:2.3:o:lexmark:x736_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X736 » Version: N/A
Lexmark » X738 Firmware
Versions up to, including, (<=) lr.fl.p224c
cpe:2.3:o:lexmark:x738_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X738 » Version: N/A
Lexmark » X546 Firmware
Versions up to, including, (<=) ll.el.p511
cpe:2.3:o:lexmark:x546_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X546 » Version: N/A
Lexmark » X543 Firmware
Versions up to, including, (<=) ll.el.p511
cpe:2.3:o:lexmark:x543_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X543 » Version: N/A
Lexmark » X544 Firmware
Versions up to, including, (<=) ll.el.p511
cpe:2.3:o:lexmark:x544_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X544 » Version: N/A
Lexmark » T650 Firmware
Versions up to, including, (<=) lr.jp.p224a
cpe:2.3:o:lexmark:t650_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » T650 » Version: N/A
Lexmark » T652 Firmware
Versions up to, including, (<=) lr.jp.p224a
cpe:2.3:o:lexmark:t652_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » T652 » Version: N/A
Lexmark » T654 Firmware
Versions up to, including, (<=) lr.jp.p224a
cpe:2.3:o:lexmark:t654_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » T654 » Version: N/A
Lexmark » E462 Firmware
Versions up to, including, (<=) lr.lbh.p224a
cpe:2.3:o:lexmark:e462_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » E462 » Version: N/A
Lexmark » E460 Firmware
Versions up to, including, (<=) lr.lbh.p224a
cpe:2.3:o:lexmark:e460_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » E460 » Version: N/A
Lexmark » E360 Firmware
Versions up to, including, (<=) ll.lbm.p511
cpe:2.3:o:lexmark:e360_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » E360 » Version: N/A
Lexmark » E260 Firmware
Versions up to, including, (<=) ll.lbl.p511
cpe:2.3:o:lexmark:e260_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » E260 » Version: N/A
Lexmark » C546 Firmware
Versions up to, including, (<=) lu.as.p511
cpe:2.3:o:lexmark:c546_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » C546 » Version: N/A
Lexmark » C540 Firmware
Versions up to, including, (<=) ll.as.p511
cpe:2.3:o:lexmark:c540_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » C540 » Version: N/A
Lexmark » X651 Firmware
Versions up to, including, (<=) lr.mn.p224a
cpe:2.3:o:lexmark:x651_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X651 » Version: N/A
Lexmark » X652 Firmware
Versions up to, including, (<=) lr.mn.p224a
cpe:2.3:o:lexmark:x652_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X652 » Version: N/A
Lexmark » X654 Firmware
Versions up to, including, (<=) lr.mn.p224a
cpe:2.3:o:lexmark:x654_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X654 » Version: N/A
Lexmark » X656 Firmware
Versions up to, including, (<=) lr.mn.p224a
cpe:2.3:o:lexmark:x656_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X656 » Version: N/A
Lexmark » X658 Firmware
Versions up to, including, (<=) lr.mn.p224a
cpe:2.3:o:lexmark:x658_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X658 » Version: N/A
Lexmark » X463 Firmware
Versions up to, including, (<=) lr.bs.p224a
cpe:2.3:o:lexmark:x463_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X463 » Version: N/A
Lexmark » X464 Firmware
Versions up to, including, (<=) lr.bs.p224a
cpe:2.3:o:lexmark:x464_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X464 » Version: N/A
Lexmark » X466 Firmware
Versions up to, including, (<=) lr.bs.p224a
cpe:2.3:o:lexmark:x466_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X466 » Version: N/A
Lexmark » X363 Firmware
Versions up to, including, (<=) ll.bz.p511
cpe:2.3:o:lexmark:x363_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X363 » Version: N/A
Lexmark » X364 Firmware
Versions up to, including, (<=) ll.bz.p511
cpe:2.3:o:lexmark:x364_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X364 » Version: N/A
Lexmark » C543 Firmware
Versions up to, including, (<=) ll.as.p511
cpe:2.3:o:lexmark:c543_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » C543 » Version: N/A
Lexmark » C544 Firmware
Versions up to, including, (<=) ll.as.p511
cpe:2.3:o:lexmark:c544_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » C544 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2011-4538

EPSS FAQ

0.23%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 43 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2011-4538

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
5.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N	3.9	1.4	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: None Availability: None

CWE ids for CVE-2011-4538

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2011-4538

http://contentdelivery.lexmark.com/webcontent/CVE-2011-4538.pdf

Third Party Advisory

Jump to

Vulnerability Details : CVE-2011-4538

Products affected by CVE-2011-4538

Exploit prediction scoring system (EPSS) score for CVE-2011-4538

CVSS scores for CVE-2011-4538

CWE ids for CVE-2011-4538

References for CVE-2011-4538