Skip to main content

B2236 Firmware CVE-2023-22960

HIGH
Improper Restriction of Excessive Authentication Attempts (CWE-307)
2023-01-23 cve@mitre.org
Information Disclosure B2236 Firmware B2338 Firmware B2442 Firmware B2546 Firmware B2650 Firmware B2865 Firmware B3340 Firmware B3442 Firmware C2240 Firmware C2325 Firmware C2326 Firmware C2425 Firmware C2535 Firmware C3224 Firmware C3326 Firmware C3426 Firmware C4150 Firmware C6160 Firmware C9235 Firmware Cs331 Firmware Cs421 Firmware Cs431 Firmware Cs439 Firmware Cs521 Firmware Cs622 Firmware Cs720 Firmware Cs725 Firmware Cs727 Firmware Cs728 Firmware Cs820 Firmware Cs827 Firmware Cs921 Firmware Cs923 Firmware Cs927 Firmware Cx331 Firmware Cx421 Firmware Cx431 Firmware Cx522 Firmware Cx622 Firmware Cx625 Firmware Cx725 Firmware Cx727 Firmware Cx820 Firmware Cx825 Firmware Cx860 Firmware Cx920 Firmware Cx921 Firmware Cx922 Firmware Cx923 Firmware Cx924 Firmware Cx944 Firmware M1242 Firmware M1246 Firmware M1342 Firmware M3250 Firmware M5255 Firmware M5270 Firmware Mb2236 Firmware Mb2338 Firmware Mb2442 Firmware Mb2546 Firmware Mb2650 Firmware Mb2770 Firmware Mb3442 Firmware Mc2325 Firmware Mc2425 Firmware Mc2535 Firmware Mc2640 Firmware Mc3224 Firmware Mc3326 Firmware Mc3426 Firmware Ms321 Firmware Ms331 Firmware Ms421 Firmware Ms431 Firmware Ms521 Firmware Ms621 Firmware Ms622 Firmware Ms725 Firmware Ms821 Firmware Ms822 Firmware Ms823 Firmware Ms825 Firmware Ms826 Firmware Mx321 Firmware Mx331 Firmware Mx421 Firmware Mx431 Firmware Mx432 Firmware Mx521 Firmware Mx522 Firmware Mx622 Firmware Mx721 Firmware Mx722 Firmware Mx822 Firmware Mx826 Firmware Mx931 Firmware Xc2235 Firmware Xc2326 Firmware Xc4140 Firmware Xc4143 Firmware Xc4150 Firmware Xc4153 Firmware Xc4240 Firmware Xc4342 Firmware Xc4352 Firmware Xc6152 Firmware Xc6153 Firmware Xc8155 Firmware Xc8160 Firmware Xc8163 Firmware Xc9225 Firmware Xc9235 Firmware Xc9245 Firmware Xc9255 Firmware Xc9265 Firmware Xc9335 Firmware Xc9445 Firmware Xc9455 Firmware Xc9465 Firmware Xm1242 Firmware Xm1246 Firmware Xm1342 Firmware Xm3142 Firmware Xm3250 Firmware Xm5365 Firmware Xm7355 Firmware Xm7370 Firmware
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Jan 23, 2023 - 21:15 nvd
HIGH 7.5

DescriptionNVD

Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency.

AnalysisAI

Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-307. Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. Affected products include: Lexmark B2236 Firmware, Lexmark B2338 Firmware, Lexmark B2442 Firmware, Lexmark B2546 Firmware, Lexmark B2650 Firmware. Version information: through 2023.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2023-22960 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy