Vulnerability Description
Lexmark X, W, T, E, C, 6500e, and 25xxN devices before 2011-11-15 allow attackers to obtain sensitive information via a hidden email address in a Scan To Email shortcut.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lexmark | X950 Firmware | <= lhs1.tq.p145h |
| Lexmark | X950 | - |
| Lexmark | X952 Firmware | <= lhs1.tq.p145h |
| Lexmark | X952 | - |
| Lexmark | X954 Firmware | <= lhs1.tq.p145h |
| Lexmark | X954 | - |
| Lexmark | X940E Firmware | <= lc.br.p051hds |
| Lexmark | X940E | - |
| Lexmark | X945E Firmware | <= lc.br.p051hds |
| Lexmark | X945E | - |
| Lexmark | X925De Firmware | <= lhs1.hk.p136l |
| Lexmark | X925De | - |
| Lexmark | X860 Firmware | <= lp.sp.p510b |
| Lexmark | X860 | - |
| Lexmark | X862 Firmware | <= lp.sp.p510b |
| Lexmark | X862 | - |
| Lexmark | X864 Firmware | <= lp.sp.p510b |
| Lexmark | X864 | - |
| Lexmark | X850 Firmware | <= lc4.be.p457s |
| Lexmark | X850 | - |
Related Weaknesses (CWE)
References
- http://contentdelivery.lexmark.com/webcontent/Email_shortcut_vulnerability.pdfThird Party Advisory
- http://contentdelivery.lexmark.com/webcontent/Email_shortcut_vulnerability.pdfThird Party Advisory
FAQ
What is CVE-2011-3269?
CVE-2011-3269 is a vulnerability with a CVSS score of 7.5 (HIGH). Lexmark X, W, T, E, C, 6500e, and 25xxN devices before 2011-11-15 allow attackers to obtain sensitive information via a hidden email address in a Scan To Email shortcut.
How severe is CVE-2011-3269?
CVE-2011-3269 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-3269?
Check the references section above for vendor advisories and patch information. Affected products include: Lexmark X950 Firmware, Lexmark X950, Lexmark X952 Firmware, Lexmark X952, Lexmark X954 Firmware.