Attacker Value
Unknown
1
CVE-2023-23560
1
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2023-23560
(Last updated October 08, 2023) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
MITRE ATT&CK
Select the MITRE ATT&CK Tactics that apply to this CVE
Collection
Select any Techniques used:
Command and Control
Select any Techniques used:
Credential Access
Select any Techniques used:
Defense Evasion
Select any Techniques used:
Discovery
Select any Techniques used:
Execution
Select any Techniques used:
Exfiltration
Select any Techniques used:
Impact
Select any Techniques used:
Initial Access
Select any Techniques used:
Lateral Movement
Select any Techniques used:
Persistence
Select any Techniques used:
Privilege Escalation
Select any Techniques used:
Topic Tags
Select the tags that apply to this CVE (Assessment added tags are disabled and cannot be removed)
What makes this of high-value to an attacker?
What makes this of low-value to an attacker?
Description
In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
9.8 Critical
Impact Score:
5.9
Exploitability Score:
3.9
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High
General Information
Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown
Vendors
- lexmark
Products
- b2236 firmware,
- b2338 firmware,
- b2442 firmware,
- b2546 firmware,
- b2650 firmware,
- b2865 firmware,
- b3340 firmware,
- b3442 firmware,
- c2240 firmware,
- c2325 firmware,
- c2326 firmware,
- c2425 firmware,
- c2535 firmware,
- c3224 firmware,
- c3326 firmware,
- c3426 firmware,
- c4150 firmware,
- c6160 firmware,
- c9235 firmware,
- cs331 firmware,
- cs421 firmware,
- cs431 firmware,
- cs439 firmware,
- cs521 firmware,
- cs622 firmware,
- cs720 firmware,
- cs725 firmware,
- cs727 firmware,
- cs728 firmware,
- cs820 firmware,
- cs827 firmware,
- cs921 firmware,
- cs923 firmware,
- cs927 firmware,
- cx331 firmware,
- cx421 firmware,
- cx431 firmware,
- cx522 firmware,
- cx622 firmware,
- cx625 firmware,
- cx725 firmware,
- cx727 firmware,
- cx820 firmware,
- cx825 firmware,
- cx860 firmware,
- cx920 firmware,
- cx921 firmware,
- cx922 firmware,
- cx923 firmware,
- cx924 firmware,
- cx944 firmware,
- m1242 firmware,
- m1246 firmware,
- m1342 firmware,
- m3250 firmware,
- m5255 firmware,
- m5270 firmware,
- mb2236 firmware,
- mb2338 firmware,
- mb2442 firmware,
- mb2546 firmware,
- mb2650 firmware,
- mb2770 firmware,
- mb3442 firmware,
- mc2325 firmware,
- mc2425 firmware,
- mc2535 firmware,
- mc2640 firmware,
- mc3224 firmware,
- mc3326 firmware,
- mc3426 firmware,
- ms321 firmware,
- ms331 firmware,
- ms421 firmware,
- ms431 firmware,
- ms521 firmware,
- ms621 firmware,
- ms622 firmware,
- ms725 firmware,
- ms821 firmware,
- ms822 firmware,
- ms823 firmware,
- ms825 firmware,
- ms826 firmware,
- mx321 firmware,
- mx331 firmware,
- mx421 firmware,
- mx431 firmware,
- mx432 firmware,
- mx521 firmware,
- mx522 firmware,
- mx622 firmware,
- mx721 firmware,
- mx722 firmware,
- mx822 firmware,
- mx826 firmware,
- mx931 firmware,
- xc2235 firmware,
- xc2326 firmware,
- xc4140 firmware,
- xc4143 firmware,
- xc4150 firmware,
- xc4153 firmware,
- xc4240 firmware,
- xc4342 firmware,
- xc4352 firmware,
- xc6152 firmware,
- xc6153 firmware,
- xc8155 firmware,
- xc8160 firmware,
- xc8163 firmware,
- xc9225 firmware,
- xc9235 firmware,
- xc9245 firmware,
- xc9255 firmware,
- xc9265 firmware,
- xc9335 firmware,
- xc9445 firmware,
- xc9455 firmware,
- xc9465 firmware,
- xm1242 firmware,
- xm1246 firmware,
- xm1342 firmware,
- xm3142 firmware,
- xm3250 firmware,
- xm5365 firmware,
- xm7355 firmware,
- xm7370 firmware
References
Additional Info
Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Rapid7
Technical Analysis
Report as Emergent Threat Response
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
