Server-Side Request Forgery in Lexmark Web Services
CVE-2023-50733

8.6HIGH

Key Information:

Vendor: Lexmark
Status: Various
Vendor: CVE Published:; 21 January 2025

Summary

A Server-Side Request Forgery (SSRF) vulnerability has been discovered in the Web Services feature of newer Lexmark devices. This security flaw potentially allows an attacker to send unauthorized requests to internal resources, posing risks to sensitive data and network security. It is crucial for users of Lexmark devices to apply relevant security patches and updates to mitigate these risks. For more detailed information and guidance, visit the official Lexmark Security Advisory page.

Affected Version(s)

various 0 <= 230.211

References

https://www.lexmark.com/en_us/solutions/security/lexmark-...

vendor-advisory

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jan 21, 2025