Vulnerability Description
The TopAccess web-based management interface on TOSHIBA TEC e-Studio multi-function peripheral (MFP) devices with firmware 30x through 302, 35x through 354, and 4xx through 421 allows remote attackers to bypass authentication and obtain administrative privileges via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Toshibatec | E-Studio-167 With Network Printer Kit Firmware | t282cn0j421 |
| Toshibatec | E-Studio-181 With Network Printer Kit Firmware | t282cn0j421 |
| Toshibatec | E-Studio-182 With Network Printer Kit Firmware | t282cn0j421 |
| Toshibatec | E-Studio-207 With Network Printer Kit Firmware | t282cn0j421 |
| Toshibatec | E-Studio-232 Firmware | t377sy0j354 |
| Toshibatec | E-Studio-2330C Firmware | t450sy0j302 |
| Toshibatec | E-Studio-2500C Firmware | t380sy0j354 |
| Toshibatec | E-Studio-255 Firmware | t470sy0j302 |
| Toshibatec | E-Studio-255P Firmware | t470sy0j302 |
| Toshibatec | E-Studio-281C Firmware | t410sy0j354 |
| Toshibatec | E-Studio-282 Firmware | t377sy0j354 |
| Toshibatec | E-Studio-2830C Firmware | t450sy0j302 |
| Toshibatec | E-Studio-3500C Firmware | t380sy0j354 |
| Toshibatec | E-Studio-3510C Firmware | t380sy0j354 |
| Toshibatec | E-Studio-351C Firmware | t410sy0j354 |
| Toshibatec | E-Studio-352 Firmware | t364sy0j354 |
| Toshibatec | E-Studio-3520C Firmware | t450sy0j302 |
| Toshibatec | E-Studio-355 Firmware | t470sy0j302 |
| Toshibatec | E-Studio-451C Firmware | t410sy0j354 |
| Toshibatec | E-Studio-452 Firmware | t364sy0j354 |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN92830293/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-000028
- http://www.toshibatec.co.jp/information/2012/20120405/
- http://jvn.jp/en/jp/JVN92830293/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-000028
- http://www.toshibatec.co.jp/information/2012/20120405/
FAQ
What is CVE-2012-1239?
CVE-2012-1239 is a vulnerability with a CVSS score of 10.0 (HIGH). The TopAccess web-based management interface on TOSHIBA TEC e-Studio multi-function peripheral (MFP) devices with firmware 30x through 302, 35x through 354, and 4xx through 421 allows remote attackers...
How severe is CVE-2012-1239?
CVE-2012-1239 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-1239?
Check the references section above for vendor advisories and patch information. Affected products include: Toshibatec E-Studio-167 With Network Printer Kit Firmware, Toshibatec E-Studio-181 With Network Printer Kit Firmware, Toshibatec E-Studio-182 With Network Printer Kit Firmware, Toshibatec E-Studio-207 With Network Printer Kit Firmware, Toshibatec E-Studio-232 Firmware.