Information Disclosure Issue in Brother MFC-9970CDW by Brother Industries
CVE-2013-2674

7.5HIGH

Key Information:

Vendor

Brother

Status
Mfc-9970cdw Firmware
Vendor
CVE Published:
3 February 2020

What is CVE-2013-2674?

The Brother MFC-9970CDW printer, running firmware version 1.10, is exposed to an information disclosure vulnerability. Remote attackers can exploit this flaw to access sensitive information from HTTP referrer logs, primarily due to improper management of referrer headers. Organizations utilizing this device should take immediate action to mitigate potential risks associated with unauthorized data access.

References

http://packetstormsecurity.com/files/121553/Brother-MFC-9...
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/84091
vdb-entryx_refsource_XF
https://www.securityfocus.com/bid/59725
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.