CVE-2016-3145

Published Apr 22, 2016

Last updated 5 years ago

CVSS medium 4.6

Overview

Description: Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on non-volatile memory.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 4.6
Impact score: 3.6
Exploitability score: 0.9
Vector string: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FEAC5802-B92B-4895-8C63-4FFD599644C1",
            "versionEndIncluding": "pp.021.062",
            "versionStartIncluding": "pp"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:lexmark:cx820de:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "67527A88-0DC6-4E7B-A1F0-CE472C19D9F1"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:cx820dtfe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EB1FFAD9-EED0-49A8-9123-3046B07B4681"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:cx825de:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "90B573EB-7A2D-4178-886F-03998D0BEFD1"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:cx825dte:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "21CEFE60-AD40-44F4-9B40-321D348BA3AD"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:cx825dtfe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E6A5F3CB-C008-4C62-AB60-4B89FCDA1DB0"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:cx860de:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6FEE5761-0C06-4478-B1EC-EA33F1F6DEF2"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:cx860dte:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "021A4710-334E-4993-B471-43B4CE5976B8"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:cx860dtfe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "39F645E6-472B-4FCA-8AD7-5B420A558FEB"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:xc6152de:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "09B4032F-D131-4E49-A58C-7363436BC78D"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:xc6152dtfe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0C61A938-34A3-48C0-9688-48EAFE2D4A24"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:xc8155de:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DFAE4AEF-F23B-404D-BC1A-BA2441FAB10A"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:xc8155dte:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4B117121-240E-440F-BF7E-B8F808E918F9"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:xc8160de:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2631BC7C-CA86-4581-A3AD-FBE61244F1E8"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:xc8160dte:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A41A9CAA-CF8A-48F2-AECB-D16C415A42AA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE80275C-40AD-4BEC-AF9D-8BFB9A42929E",
            "versionEndIncluding": "cb.021.062",
            "versionStartIncluding": "cb"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:lexmark:c4150:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "324EC762-1276-4121-916B-9981925F242D"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:cs720de:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E1427A6D-CEA4-440C-B10A-36E17082F792"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:cs720dte:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "70D39A4C-568A-45CC-9C08-45CC4E6E32A0"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:cs725de:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C5573FDD-3B85-4477-807D-B4C0A5998622"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:cs725dte:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F4ACBB26-772F-4D32-97C0-F497A726E31A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62767ADB-755F-4328-8A0B-4DF204950A2F",
            "versionEndIncluding": "yk.021.062",
            "versionStartIncluding": "yk"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:lexmark:c6160:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "48E10C08-E129-4482-92B1-67FD6C0D0407"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BE2AA7A-1B70-4912-89F8-97559B225F6F",
            "versionEndIncluding": "yk.021.057",
            "versionStartIncluding": "yk"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:lexmark:cs820de:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3625CB80-4EC1-47F4-8065-7459F5D14D0D"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:cs820dte:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "156414A8-0F64-48F0-A17F-A536B4B16EEF"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:cs820dtfe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5E42F25E-B296-4FFA-A41E-3CFA226697CF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A75C59E7-0B30-4C10-ABFE-BB6AF7FB6118",
            "versionEndIncluding": "atl.021.062",
            "versionStartIncluding": "atl"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:lexmark:cx725de:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9072D963-3E31-4315-8F36-649F24E335BB"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:cx725dhe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FA61A0D6-A19E-43AB-A1D7-C18728CB527B"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:cx725dthe:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "79F1E777-79E7-47EB-8715-72ED79B46E5D"
          },
          {
            "criteria": "cpe:2.3:h:lexmark:xc4150:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "74A27B92-5F83-4280-93EA-31F115408405"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References