Vulnerability Description
In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lexmark | B2236 Firmware | < mslsg.081.234 |
| Lexmark | B2236 | - |
| Lexmark | B2338 Firmware | < msngm.081.234 |
| Lexmark | B2338 | - |
| Lexmark | B2442 Firmware | < msngm.081.234 |
| Lexmark | B2442 | - |
| Lexmark | B2546 Firmware | < msngm.081.234 |
| Lexmark | B2546 | - |
| Lexmark | B2650 Firmware | < msngm.081.234 |
| Lexmark | B2650 | - |
| Lexmark | B2865 Firmware | < msngw.081.234 |
| Lexmark | B2865 | - |
| Lexmark | B3340 Firmware | < mslbd.081.234 |
| Lexmark | B3340 | - |
| Lexmark | B3442 Firmware | < mslbd.081.234 |
| Lexmark | B3442 | - |
| Lexmark | C2240 Firmware | < cstzj.081.234 |
| Lexmark | C2240 | - |
| Lexmark | C2325 Firmware | < csnzj.081.234 |
| Lexmark | C2325 | - |
Related Weaknesses (CWE)
References
- https://publications.lexmark.com/publications/security-alerts/CVE-2023-23560.pdf (Vendor Advisory)
- https://support.lexmark.com/alerts/ (Vendor Advisory)
FAQ
What is CVE-2023-23560?
CVE-2023-23560 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.
How severe is CVE-2023-23560?
CVE-2023-23560 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-23560?
Check the references section above for vendor advisories and patch information. Affected products include: Lexmark B2236 Firmware, Lexmark B2236, Lexmark B2338 Firmware, Lexmark B2338, Lexmark B2442 Firmware.