Cross-Site Request Forgery Vulnerability in Lexmark Products
CVE-2019-10057

6.5MEDIUM

Key Information:

Vendor: Lexmark
Status: Cs31x Firmware
Vendor: CVE Published:; 28 August 2019

Summary

Certain Lexmark products are susceptible to Cross-Site Request Forgery (CSRF), allowing attackers to execute unauthorized commands on behalf of authenticated users. This vulnerability potentially exposes sensitive information or enables malicious actions without the user’s consent. Proper mitigation measures should be implemented to safeguard against CSRF attacks.

References

http://support.lexmark.com/index?page=content&id=TE921&lo...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 28, 2019
Vulnerability Reserved
Mar 25, 2019