1. Home
  2. CVE Database
  3. CVE-2017-9630
CRITICAL · 9.4

CVE-2017-9630

An Improper Authentication issue was discovered in PDQ Manufacturing LaserWash G5 and G5 S Series all versions, LaserWash M5, all versions, LaserWash 360 and 360 Plus, all versions, LaserWash AutoXpre...

Vulnerability Description

An Improper Authentication issue was discovered in PDQ Manufacturing LaserWash G5 and G5 S Series all versions, LaserWash M5, all versions, LaserWash 360 and 360 Plus, all versions, LaserWash AutoXpress and AutoExpress Plus, all versions, LaserJet, all versions, ProTouch Tandem, all versions, ProTouch ICON, all versions, and ProTouch AutoGloss, all versions. The web server does not properly verify that provided authentication information is correct.

CVSS Score

9.4

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
PdqincLaserwash G5 Firmware-
PdqincLaserwash G5-
PdqincLaserwash G5 S Firmware-
PdqincLaserwash G5 S-
PdqincLaserwash M5 Firmware-
PdqincLaserwash M5-
PdqincLaserwash 360 Firmware-
PdqincLaserwash 360-
PdqincLaserwash 360 Plus Firmware-
PdqincLaserwash 360 Plus-
PdqincLaserwash Autoxpress Firmware-
PdqincLaserwash Autoxpress-
PdqincLaserwash Autoxpress Plus Firmware-
PdqincLaserwash Autoxpress Plus-
PdqincLaserjet Firmware-
PdqincLaserjet-
PdqincProtouch Tandem Firmware-
PdqincProtouch Tandem-
PdqincProtouch Icon Firmware-
PdqincProtouch Icon-

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2017-9630?

CVE-2017-9630 is a vulnerability with a CVSS score of 9.4 (CRITICAL). An Improper Authentication issue was discovered in PDQ Manufacturing LaserWash G5 and G5 S Series all versions, LaserWash M5, all versions, LaserWash 360 and 360 Plus, all versions, LaserWash AutoXpre...

How severe is CVE-2017-9630?

CVE-2017-9630 has been rated CRITICAL with a CVSS base score of 9.4/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2017-9630?

Check the references section above for vendor advisories and patch information. Affected products include: Pdqinc Laserwash G5 Firmware, Pdqinc Laserwash G5, Pdqinc Laserwash G5 S Firmware, Pdqinc Laserwash G5 S, Pdqinc Laserwash M5 Firmware.