CVE-2019-10059 : The legacy finger service (TCP port 79) is enabled by default on various older L

The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices.

Published 2019-08-28 22:15:12

Updated 2019-09-03 16:03:11

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2019-10059

Lexmark » Cx310 Firmware
Versions up to, including, (<=) lw71.gm2.p233
cpe:2.3:o:lexmark:cx310_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Cx310 » Version: N/A
Lexmark » Mx31x Firmware
Versions up to, including, (<=) lw71.sb2.p233
cpe:2.3:o:lexmark:mx31x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Mx31x » Version: N/A
Lexmark » Xm3150 Firmware
Versions up to, including, (<=) lw71.sb7.p233
cpe:2.3:o:lexmark:xm3150_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Xm3150 » Version: N/A
Lexmark » Mx71x Firmware
Versions up to, including, (<=) lw71.tu.p233
cpe:2.3:o:lexmark:mx71x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Mx71x » Version: N/A
Lexmark » Mx81x Firmware
Versions up to, including, (<=) lw71.tu.p233
cpe:2.3:o:lexmark:mx81x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Mx81x » Version: N/A
Lexmark » Xm51xx Firmware
Versions up to, including, (<=) lw71.tu.p233
cpe:2.3:o:lexmark:xm51xx_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Xm51xx » Version: N/A
Lexmark » Xm71xx Firmware
Versions up to, including, (<=) lw71.tu.p233
cpe:2.3:o:lexmark:xm71xx_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Xm71xx » Version: N/A
Lexmark » Mx91x Firmware
Versions up to, including, (<=) lw71.mg.p233
cpe:2.3:o:lexmark:mx91x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Mx91x » Version: N/A
Lexmark » Xm91x Firmware
Versions up to, including, (<=) lw71.mg.p233
cpe:2.3:o:lexmark:xm91x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Xm91x » Version: N/A
Lexmark » X74x Firmware
Versions up to, including, (<=) lhs60.ny.p705
cpe:2.3:o:lexmark:x74x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X74x » Version: N/A
Lexmark » Xs79x Firmware
Versions up to, including, (<=) lhs60.mr.p705
cpe:2.3:o:lexmark:xs79x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Xs79x » Version: N/A
Lexmark » X95x Firmware
Versions up to, including, (<=) lhs60.tq.p705
cpe:2.3:o:lexmark:x95x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X95x » Version: N/A
Lexmark » Xs95x Firmware
Versions up to, including, (<=) lhs60.tq.p705
cpe:2.3:o:lexmark:xs95x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Xs95x » Version: N/A
Lexmark » X46x Firmware
Versions up to, including, (<=) lr.bs.p815
cpe:2.3:o:lexmark:x46x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X46x » Version: N/A
Lexmark » X65x Firmware
Versions up to, including, (<=) lr.mn.p815
cpe:2.3:o:lexmark:x65x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X65x » Version: N/A
Lexmark » X73x Firmware
Versions up to, including, (<=) lr.fl.p815
cpe:2.3:o:lexmark:x73x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X73x » Version: N/A
Lexmark » X86x Firmware
Versions up to, including, (<=) lp.sp.p815
cpe:2.3:o:lexmark:x86x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X86x » Version: N/A
Lexmark » Cs31x Firmware
Versions up to, including, (<=) lw71.vyl.p233
cpe:2.3:o:lexmark:cs31x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Cs31x » Version: N/A
Lexmark » Cs41x Firmware
Versions up to, including, (<=) lw71.vy2.p233
cpe:2.3:o:lexmark:cs41x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Cs41x » Version: N/A
Lexmark » Ms310 Firmware
Versions up to, including, (<=) lw71.prl.p233
cpe:2.3:o:lexmark:ms310_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms310 » Version: N/A
Lexmark » Ms312 Firmware
Versions up to, including, (<=) lw71.prl.p233
cpe:2.3:o:lexmark:ms312_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms312 » Version: N/A
Lexmark » Ms317 Firmware
Versions up to, including, (<=) lw71.prl.p233
cpe:2.3:o:lexmark:ms317_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms317 » Version: N/A
Lexmark » Ms410 Firmware
Versions up to, including, (<=) lw71.prl.p233
cpe:2.3:o:lexmark:ms410_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms410 » Version: N/A
Lexmark » M1140 Firmware
Versions up to, including, (<=) lw71.prl.p233
cpe:2.3:o:lexmark:m1140_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » M1140 » Version: N/A
Lexmark » Ms315 Firmware
Versions up to, including, (<=) lw71.tl2.p233
cpe:2.3:o:lexmark:ms315_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms315 » Version: N/A
Lexmark » Ms415 Firmware
Versions up to, including, (<=) lw71.tl2.p233
cpe:2.3:o:lexmark:ms415_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms415 » Version: N/A
Lexmark » Ms417 Firmware
Versions up to, including, (<=) lw71.tl2.p233
cpe:2.3:o:lexmark:ms417_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms417 » Version: N/A
Lexmark » Xm1135 Firmware
Versions up to, including, (<=) lw71.sb2.p233
cpe:2.3:o:lexmark:xm1135_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Xm1135 » Version: N/A
Lexmark » Ms51x Firmware
Versions up to, including, (<=) lw71.pr2.p233
cpe:2.3:o:lexmark:ms51x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms51x » Version: N/A
Lexmark » Ms610dn Firmware
Versions up to, including, (<=) lw71.pr2.p233
cpe:2.3:o:lexmark:ms610dn_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms610dn » Version: N/A
Lexmark » Ms617 Firmware
Versions up to, including, (<=) lw71.pr2.p233
cpe:2.3:o:lexmark:ms617_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms617 » Version: N/A
Lexmark » M1145 Firmware
Versions up to, including, (<=) lw71.pr2.p233
cpe:2.3:o:lexmark:m1145_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » M1145 » Version: N/A
Lexmark » M3150dn Firmware
Versions up to, including, (<=) lw71.pr2.p233
cpe:2.3:o:lexmark:m3150dn_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » M3150dn » Version: N/A
Lexmark » Ms71x Firmware
Versions up to, including, (<=) lw71.dn2.p233
cpe:2.3:o:lexmark:ms71x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms71x » Version: N/A
Lexmark » M5163dn Firmware
Versions up to, including, (<=) lw71.dn2.p233
cpe:2.3:o:lexmark:m5163dn_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » M5163dn » Version: N/A
Lexmark » Ms810 Firmware
Versions up to, including, (<=) lw71.dn2.p233
cpe:2.3:o:lexmark:ms810_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms810 » Version: N/A
Lexmark » Ms811 Firmware
Versions up to, including, (<=) lw71.dn2.p233
cpe:2.3:o:lexmark:ms811_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms811 » Version: N/A
Lexmark » Ms812 Firmware
Versions up to, including, (<=) lw71.dn2.p233
cpe:2.3:o:lexmark:ms812_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms812 » Version: N/A
Lexmark » Ms817 Firmware
Versions up to, including, (<=) lw71.dn2.p233
cpe:2.3:o:lexmark:ms817_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms817 » Version: N/A
Lexmark » Ms818 Firmware
Versions up to, including, (<=) lw71.dn2.p233
cpe:2.3:o:lexmark:ms818_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms818 » Version: N/A
Lexmark » Ms810de Firmware
Versions up to, including, (<=) lw71.dn4.p233
cpe:2.3:o:lexmark:ms810de_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms810de » Version: N/A
Lexmark » M5155 Firmware
Versions up to, including, (<=) lw71.dn4.p233
cpe:2.3:o:lexmark:m5155_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » M5155 » Version: N/A
Lexmark » M5163 Firmware
Versions up to, including, (<=) lw71.dn4.p233
cpe:2.3:o:lexmark:m5163_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » M5163 » Version: N/A
Lexmark » Ms812de Firmware
Versions up to, including, (<=) lw71.dn7.p233
cpe:2.3:o:lexmark:ms812de_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms812de » Version: N/A
Lexmark » M5170 Firmware
Versions up to, including, (<=) lw71.dn7.p233
cpe:2.3:o:lexmark:m5170_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » M5170 » Version: N/A
Lexmark » Ms91x Firmware
Versions up to, including, (<=) lw71.sa.p233
cpe:2.3:o:lexmark:ms91x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Ms91x » Version: N/A
Lexmark » Mx410 Firmware
Versions up to, including, (<=) lw71.sb4.p233
cpe:2.3:o:lexmark:mx410_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Mx410 » Version: N/A
Lexmark » Mx510 Firmware
Versions up to, including, (<=) lw71.sb4.p233
cpe:2.3:o:lexmark:mx510_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Mx510 » Version: N/A
Lexmark » Mx511 Firmware
Versions up to, including, (<=) lw71.sb4.p233
cpe:2.3:o:lexmark:mx511_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Mx511 » Version: N/A
Lexmark » Mx610 Firmware
Versions up to, including, (<=) lw71.sb7.p233
cpe:2.3:o:lexmark:mx610_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Mx610 » Version: N/A
Lexmark » Mx611 Firmware
Versions up to, including, (<=) lw71.sb7.p233
cpe:2.3:o:lexmark:mx611_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Mx611 » Version: N/A
Lexmark » Mx6500e Firmware
Versions up to, including, (<=) lw71.jd.p233
cpe:2.3:o:lexmark:mx6500e_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Mx6500e » Version: N/A
Lexmark » C746 Firmware
Versions up to, including, (<=) lhs60.cm2.p705
cpe:2.3:o:lexmark:c746_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » C746 » Version: N/A
Lexmark » C748 Firmware
Versions up to, including, (<=) lhs60.cm4.p705
cpe:2.3:o:lexmark:c748_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » C748 » Version: N/A
Lexmark » Cs748 Firmware
Versions up to, including, (<=) lhs60.cm4.p705
cpe:2.3:o:lexmark:cs748_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Cs748 » Version: N/A
Lexmark » C792 Firmware
Versions up to, including, (<=) lhs60.hc.p705
cpe:2.3:o:lexmark:c792_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » C792 » Version: N/A
Lexmark » Cs796 Firmware
Versions up to, including, (<=) lhs60.hc.p705
cpe:2.3:o:lexmark:cs796_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Cs796 » Version: N/A
Lexmark » C925 Firmware
Versions up to, including, (<=) lhs60.hv.p705
cpe:2.3:o:lexmark:c925_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » C925 » Version: N/A
Lexmark » C950 Firmware
Versions up to, including, (<=) lhs60.tp.p705
cpe:2.3:o:lexmark:c950_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » C950 » Version: N/A
Lexmark » X548 Firmware
Versions up to, including, (<=) lhs60.vk.p705
cpe:2.3:o:lexmark:x548_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X548 » Version: N/A
Lexmark » Xs548 Firmware
Versions up to, including, (<=) lhs60.vk.p705
cpe:2.3:o:lexmark:xs548_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Xs548 » Version: N/A
Lexmark » Xs748 Firmware
Versions up to, including, (<=) lhs60.ny.p705
cpe:2.3:o:lexmark:xs748_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Xs748 » Version: N/A
Lexmark » X792 Firmware
Versions up to, including, (<=) lhs60.mr.p705
cpe:2.3:o:lexmark:x792_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X792 » Version: N/A
Lexmark » X925 Firmware
Versions up to, including, (<=) lhs60.hk.p705
cpe:2.3:o:lexmark:x925_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » X925 » Version: N/A
Lexmark » Xs925 Firmware
Versions up to, including, (<=) lhs60.hk.p705
cpe:2.3:o:lexmark:xs925_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » Xs925 » Version: N/A
Lexmark » 6500e Firmware
Versions up to, including, (<=) lhs60.jr.p705
cpe:2.3:o:lexmark:6500e_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » 6500e » Version: N/A
Lexmark » C734 Firmware
Versions up to, including, (<=) lr.sk.p815
cpe:2.3:o:lexmark:c734_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » C734 » Version: N/A
Lexmark » C736 Firmware
Versions up to, including, (<=) lr.ske.p815
cpe:2.3:o:lexmark:c736_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » C736 » Version: N/A
Lexmark » E46x Firmware
Versions up to, including, (<=) lr.lbh.p815
cpe:2.3:o:lexmark:e46x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » E46x » Version: N/A
Lexmark » T65x Firmware
Versions up to, including, (<=) lr.jp.p815
cpe:2.3:o:lexmark:t65x_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » T65x » Version: N/A
Lexmark » W850 Firmware
Versions up to, including, (<=) lp.jb.p815
cpe:2.3:o:lexmark:w850_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Lexmark » W850 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2019-10059

EPSS FAQ

0.24%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 44 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-10059

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
5.3	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N	3.9	1.4	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: None Availability: None

CWE ids for CVE-2019-10059

CWE-254

Assigned by: nvd@nist.gov (Primary)

References for CVE-2019-10059

http://support.lexmark.com/index?page=content&id=TE923&locale=EN&userlocale=EN_US

Lexmark United States Lexmark Security Advisory: Information Disclosure via Finger Service (CVE-2019-10059)
Vendor Advisory

Jump to

Vulnerability Details : CVE-2019-10059

Products affected by CVE-2019-10059

Exploit prediction scoring system (EPSS) score for CVE-2019-10059

CVSS scores for CVE-2019-10059

CWE ids for CVE-2019-10059

References for CVE-2019-10059