var-201306-0342
Vulnerability from variot
The default configuration of the administrative interface on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers does not require authentication, which allows remote attackers to modify the configuration by visiting the Advanced page. NOTE: the vendor has apparently responded by stating "for user convenience, the default setting does not require a password. However, if a user has a particular concern about third parties accessing the user's home printer, the default setting can be changed to add a password.". Canon Printer is a printer developed by Canon. If the printer is connected to a public Internet network, anonymous users are allowed to modify the configuration. Exploiting this issue can allow a remote attacker to gain access and perform unauthorized configuration changes on the affected device. This may aid in further attacks. Vulnerabilities exist in the following models: MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, MX922. This should be corrected by requiring a password, even if only a default, but should recommend users to change it upon initial setup of the device.
2 (CVE-2013-4614): The administrative interface on these printers allow a
user to enter a WEP/WPA/WPA2 pre-shared key. Once a key is entered, when a user browses the configuration page again, they can view the current password in clear-text. Once a password is configured, it should not allow the user to read it again. If the user wants to change the password, they should be required to enter a new one, which then overwrites the old one.
3 (CVE-2013-4615): There is a denial of service condition in the
administrative interface on the devices. Using specially crafted HTTP requests, it is possible to cause the device to no longer respond. This requires the device to be turned off, and then back on again, to which the printer will display a message about not being properly turned off, on the display (if model has a display).
I have disclosed all 3 of these issues to Canon, and unfortunately they do not feel it is necessary to fix them (In all fairness, they're not super high severity). More details, along with PoC and Metasploit modules are available here: * http://www.mattandreko.com/2013/06/canon-y-u-no-security.html*
Timeline: May 27, 2013: Initial Email to vendor's support May 28, 2013: Vendor support emailed for additional details May 28, 2013: Sent a proof-of-concept exploit for the DoS vulnerability to vendor May 30, 2013: Vendor escalated issue internally June 4, 2013: Vendor notification that issue has been escalated to manufacturer June 14, 2013: Vendor notification that they will not fix issues June 18, 2013: Public Disclosure
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201306-0342",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mg3100 printer",
"scope": "eq",
"trust": 1.6,
"vendor": "canon",
"version": null
},
{
"model": "mx870 printer",
"scope": "eq",
"trust": 1.6,
"vendor": "canon",
"version": null
},
{
"model": "mp495 printer",
"scope": "eq",
"trust": 1.6,
"vendor": "canon",
"version": null
},
{
"model": "mx922 printer",
"scope": "eq",
"trust": 1.6,
"vendor": "canon",
"version": null
},
{
"model": "mp340 printer",
"scope": "eq",
"trust": 1.6,
"vendor": "canon",
"version": null
},
{
"model": "mx890 printer",
"scope": "eq",
"trust": 1.6,
"vendor": "canon",
"version": null
},
{
"model": "mg6100 printer",
"scope": "eq",
"trust": 1.6,
"vendor": "canon",
"version": null
},
{
"model": "mx920 printer",
"scope": "eq",
"trust": 1.6,
"vendor": "canon",
"version": null
},
{
"model": "mg5300 printer",
"scope": "eq",
"trust": 1.6,
"vendor": "canon",
"version": null
},
{
"model": "pixma mp495",
"scope": null,
"trust": 0.8,
"vendor": "canon",
"version": null
},
{
"model": "pixma mx340",
"scope": null,
"trust": 0.8,
"vendor": "canon",
"version": null
},
{
"model": "pixma mx920",
"scope": null,
"trust": 0.8,
"vendor": "canon",
"version": null
},
{
"model": "pixma mx922",
"scope": null,
"trust": 0.8,
"vendor": "canon",
"version": null
},
{
"model": "pixus mg3130",
"scope": null,
"trust": 0.8,
"vendor": "canon",
"version": null
},
{
"model": "pixus mg5330",
"scope": null,
"trust": 0.8,
"vendor": "canon",
"version": null
},
{
"model": "pixus mg6130",
"scope": null,
"trust": 0.8,
"vendor": "canon",
"version": null
},
{
"model": "pixus mx870",
"scope": null,
"trust": 0.8,
"vendor": "canon",
"version": null
},
{
"model": "pixus mx893",
"scope": null,
"trust": 0.8,
"vendor": "canon",
"version": null
},
{
"model": "printer mg3100",
"scope": null,
"trust": 0.6,
"vendor": "canon",
"version": null
},
{
"model": "printer mg5300",
"scope": null,
"trust": 0.6,
"vendor": "canon",
"version": null
},
{
"model": "printer mg6100",
"scope": null,
"trust": 0.6,
"vendor": "canon",
"version": null
},
{
"model": "printer mp495",
"scope": null,
"trust": 0.6,
"vendor": "canon",
"version": null
},
{
"model": "printer mx340",
"scope": null,
"trust": 0.6,
"vendor": "canon",
"version": null
},
{
"model": "printer mx870",
"scope": null,
"trust": 0.6,
"vendor": "canon",
"version": null
},
{
"model": "printer mx890",
"scope": null,
"trust": 0.6,
"vendor": "canon",
"version": null
},
{
"model": "printer mx920",
"scope": null,
"trust": 0.6,
"vendor": "canon",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-07716"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003111"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-388"
},
{
"db": "NVD",
"id": "CVE-2013-4613"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:canon:mp495_printer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:canon:mp340_printer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:canon:mx920_printer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:canon:mx922_printer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:canon:mg3100_printer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:canon:mg5300_printer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:canon:mg6100_printer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:canon:mx870_printer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:canon:mx890_printer",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003111"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Andreko",
"sources": [
{
"db": "BID",
"id": "60612"
},
{
"db": "PACKETSTORM",
"id": "122073"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-388"
}
],
"trust": 1.0
},
"cve": "CVE-2013-4613",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2013-4613",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-07716",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-64615",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-4613",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-4613",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2013-07716",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201306-388",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-64615",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-07716"
},
{
"db": "VULHUB",
"id": "VHN-64615"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003111"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-388"
},
{
"db": "NVD",
"id": "CVE-2013-4613"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The default configuration of the administrative interface on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers does not require authentication, which allows remote attackers to modify the configuration by visiting the Advanced page. NOTE: the vendor has apparently responded by stating \"for user convenience, the default setting does not require a password. However, if a user has a particular concern about third parties accessing the user\u0027s home printer, the default setting can be changed to add a password.\". Canon Printer is a printer developed by Canon. If the printer is connected to a public Internet network, anonymous users are allowed to modify the configuration. \nExploiting this issue can allow a remote attacker to gain access and perform unauthorized configuration changes on the affected device. This may aid in further attacks. Vulnerabilities exist in the following models: MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, MX922. This should be\ncorrected by requiring a password, even if only a default, but should\nrecommend users to change it upon initial setup of the device. \n\n#2 (CVE-2013-4614): The administrative interface on these printers allow a\nuser to enter a WEP/WPA/WPA2 pre-shared key. Once a key is entered, when a\nuser browses the configuration page again, they can view the current\npassword in clear-text. Once a password is configured, it should not allow\nthe user to read it again. If the user wants to change the password, they\nshould be required to enter a new one, which then overwrites the old one. \n\n#3 (CVE-2013-4615): There is a denial of service condition in the\nadministrative interface on the devices. Using specially crafted HTTP\nrequests, it is possible to cause the device to no longer respond. This\nrequires the device to be turned off, and then back on again, to which the\nprinter will display a message about not being properly turned off, on the\ndisplay (if model has a display). \n\nI have disclosed all 3 of these issues to Canon, and unfortunately they do\nnot feel it is necessary to fix them (In all fairness, they\u0027re not super\nhigh severity). More details, along with PoC and Metasploit modules are\navailable here: *\nhttp://www.mattandreko.com/2013/06/canon-y-u-no-security.html*\n\nTimeline:\nMay 27, 2013: Initial Email to vendor\u0027s support\nMay 28, 2013: Vendor support emailed for additional details\nMay 28, 2013: Sent a proof-of-concept exploit for the DoS vulnerability to\nvendor\nMay 30, 2013: Vendor escalated issue internally\nJune 4, 2013: Vendor notification that issue has been escalated to\nmanufacturer\nJune 14, 2013: Vendor notification that they will not fix issues\nJune 18, 2013: Public Disclosure\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4613"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003111"
},
{
"db": "CNVD",
"id": "CNVD-2013-07716"
},
{
"db": "BID",
"id": "60612"
},
{
"db": "VULHUB",
"id": "VHN-64615"
},
{
"db": "PACKETSTORM",
"id": "122073"
}
],
"trust": 2.61
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-64615",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-64615"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-4613",
"trust": 3.5
},
{
"db": "BID",
"id": "60612",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003111",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201306-388",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-07716",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20130618 CANON WIRELESS PRINTER DISCLOSURE \u0026 DOS",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "122073",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-64615",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-07716"
},
{
"db": "VULHUB",
"id": "VHN-64615"
},
{
"db": "BID",
"id": "60612"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003111"
},
{
"db": "PACKETSTORM",
"id": "122073"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-388"
},
{
"db": "NVD",
"id": "CVE-2013-4613"
}
]
},
"id": "VAR-201306-0342",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-07716"
},
{
"db": "VULHUB",
"id": "VHN-64615"
}
],
"trust": 1.4083333625
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-07716"
}
]
},
"last_update_date": "2024-11-23T22:02:23.488000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "PIXUS \u5546\u54c1\u4e00\u89a7",
"trust": 0.8,
"url": "http://cweb.canon.jp/pixus/lineup/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003111"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-64615"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003111"
},
{
"db": "NVD",
"id": "CVE-2013-4613"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4613"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4613"
},
{
"trust": 0.8,
"url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/canon_wireless_printer.rb"
},
{
"trust": 0.6,
"url": "http://seclists.org/fulldisclosure/2013/jun/145"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/60612"
},
{
"trust": 0.3,
"url": "http://www.canon.com/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4614"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4615"
},
{
"trust": 0.1,
"url": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html*"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4613"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-07716"
},
{
"db": "VULHUB",
"id": "VHN-64615"
},
{
"db": "BID",
"id": "60612"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003111"
},
{
"db": "PACKETSTORM",
"id": "122073"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-388"
},
{
"db": "NVD",
"id": "CVE-2013-4613"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-07716"
},
{
"db": "VULHUB",
"id": "VHN-64615"
},
{
"db": "BID",
"id": "60612"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003111"
},
{
"db": "PACKETSTORM",
"id": "122073"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-388"
},
{
"db": "NVD",
"id": "CVE-2013-4613"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-07716"
},
{
"date": "2013-06-21T00:00:00",
"db": "VULHUB",
"id": "VHN-64615"
},
{
"date": "2013-06-18T00:00:00",
"db": "BID",
"id": "60612"
},
{
"date": "2013-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003111"
},
{
"date": "2013-06-18T14:23:23",
"db": "PACKETSTORM",
"id": "122073"
},
{
"date": "2013-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-388"
},
{
"date": "2013-06-21T21:55:01.007000",
"db": "NVD",
"id": "CVE-2013-4613"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-07716"
},
{
"date": "2013-06-24T00:00:00",
"db": "VULHUB",
"id": "VHN-64615"
},
{
"date": "2013-06-18T00:00:00",
"db": "BID",
"id": "60612"
},
{
"date": "2013-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003111"
},
{
"date": "2013-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-388"
},
{
"date": "2024-11-21T01:55:55.860000",
"db": "NVD",
"id": "CVE-2013-4613"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201306-388"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Canon Vulnerability to change settings in printer management interface",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003111"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201306-388"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…