Search
Find a vulnerability
Search criteria
22 vulnerabilities found for Printers by Lenovo
CVE-2024-6004 (GCVE-0-2024-6004)
Vulnerability from nvd – Published: 2024-08-16 14:17 – Updated: 2025-08-21 15:28
VLAI
EPSS
VEX
Summary
A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printer connections until the system is rebooted.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6004",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-16T16:42:49.406391Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T16:43:07.650Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Rui-Nan Hu, Cheng Li, Dong Zhang, Yu-Chen Sun, Wen-Han Xu, Zhen-Yu Guan, and Jian-Wei Liu from School of Cyber Science and Technology of Beihang University for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printer connections until the system is rebooted.\u003c/span\u003e"
}
],
"value": "A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printer connections until the system is rebooted."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-21T15:28:23.380Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/422688"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/422688\"\u003ehttps://iknow.lenovo.com.cn/detail/422688\u003c/a\u003e\n\n\u003cbr\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - https://iknow.lenovo.com.cn/detail/422688"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-6004",
"datePublished": "2024-08-16T14:17:44.070Z",
"dateReserved": "2024-06-14T15:26:46.783Z",
"dateUpdated": "2025-08-21T15:28:23.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5210 (GCVE-0-2024-5210)
Vulnerability from nvd – Published: 2024-08-16 14:17 – Updated: 2025-08-21 15:27
VLAI
EPSS
VEX
Summary
A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to prevent printer services from being reachable until the system is rebooted.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5210",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-16T15:02:53.351540Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T15:03:00.805Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Rui-Nan Hu, Cheng Li, Dong Zhang, Yu-Chen Sun, Wen-Han Xu, Zhen-Yu Guan, and Jian-Wei Liu from School of Cyber Science and Technology of Beihang University for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to prevent printer services from being reachable until the system is rebooted.\u003c/span\u003e"
}
],
"value": "A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to prevent printer services from being reachable until the system is rebooted."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-21T15:27:36.864Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/422688"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/422688\"\u003ehttps://iknow.lenovo.com.cn/detail/422688\u003c/a\u003e\n\n\u003cbr\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - https://iknow.lenovo.com.cn/detail/422688"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-5210",
"datePublished": "2024-08-16T14:17:39.051Z",
"dateReserved": "2024-05-22T16:36:10.960Z",
"dateUpdated": "2025-08-21T15:27:36.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5209 (GCVE-0-2024-5209)
Vulnerability from nvd – Published: 2024-08-16 14:17 – Updated: 2025-08-21 15:27
VLAI
EPSS
VEX
Summary
A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printing capabilities until the system is rebooted.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5209",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-16T14:39:01.713968Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T14:39:56.977Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Rui-Nan Hu, Cheng Li, Dong Zhang, Yu-Chen Sun, Wen-Han Xu, Zhen-Yu Guan, and Jian-Wei Liu from School of Cyber Science and Technology of Beihang University for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printing capabilities until the system is rebooted.\u003c/span\u003e"
}
],
"value": "A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printing capabilities until the system is rebooted."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-21T15:27:18.878Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/422688"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/422688\"\u003ehttps://iknow.lenovo.com.cn/detail/422688\u003c/a\u003e\n\n\u003cbr\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - https://iknow.lenovo.com.cn/detail/422688"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-5209",
"datePublished": "2024-08-16T14:17:29.415Z",
"dateReserved": "2024-05-22T16:36:10.019Z",
"dateUpdated": "2025-08-21T15:27:18.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4782 (GCVE-0-2024-4782)
Vulnerability from nvd – Published: 2024-08-16 14:17 – Updated: 2025-08-21 15:26
VLAI
EPSS
VEX
Summary
A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to disrupt the printer's functionality until a manual system reboot occurs.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4782",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-20T16:52:19.608799Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T16:52:42.229Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Rui-Nan Hu, Cheng Li, Dong Zhang, Yu-Chen Sun, Wen-Han Xu, Zhen-Yu Guan, and Jian-Wei Liu from School of Cyber Science and Technology of Beihang University for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to disrupt the printer\u0027s functionality until a manual system reboot occurs.\u003c/span\u003e"
}
],
"value": "A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to disrupt the printer\u0027s functionality until a manual system reboot occurs."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-21T15:26:59.308Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/422688"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/422688\"\u003ehttps://iknow.lenovo.com.cn/detail/422688\u003c/a\u003e\n\n\u003cbr\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - https://iknow.lenovo.com.cn/detail/422688"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-4782",
"datePublished": "2024-08-16T14:17:24.013Z",
"dateReserved": "2024-05-10T18:54:22.138Z",
"dateUpdated": "2025-08-21T15:26:59.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4781 (GCVE-0-2024-4781)
Vulnerability from nvd – Published: 2024-08-16 14:17 – Updated: 2025-08-21 15:25
VLAI
EPSS
VEX
Summary
A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to crash printer communications until the system is rebooted.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4781",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T17:25:39.876825Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T18:28:51.678Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Rui-Nan Hu, Cheng Li, Dong Zhang, Yu-Chen Sun, Wen-Han Xu, Zhen-Yu Guan, and Jian-Wei Liu from School of Cyber Science and Technology of Beihang University for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to crash printer communications until the system is rebooted.\u003c/span\u003e"
}
],
"value": "A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to crash printer communications until the system is rebooted."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-21T15:25:36.366Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/422688"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\nUpgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 -\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/422688\"\u003ehttps://iknow.lenovo.com.cn/detail/422688\u003c/a\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 -\u00a0 https://iknow.lenovo.com.cn/detail/422688"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-4781",
"datePublished": "2024-08-16T14:17:18.955Z",
"dateReserved": "2024-05-10T18:54:21.374Z",
"dateUpdated": "2025-08-21T15:25:36.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3286 (GCVE-0-2024-3286)
Vulnerability from nvd – Published: 2024-05-16 17:21 – Updated: 2024-09-06 22:55
VLAI
EPSS
VEX
Summary
A buffer overflow vulnerability was identified in some Lenovo printers that could allow an unauthenticated user to trigger a device restart by sending a specially crafted web request.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:05:08.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/421500"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.lenovoimage.com/psirt/notice/158605.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:lenovo:printer:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "printer",
"vendor": "lenovo",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3286",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T13:29:16.353962Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T22:55:43.149Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks China Information Technology Innovation Vulnerability Database (CITIVD) and Chaitin for reporting this issue. "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eA buffer overflow vulnerability was identified in some Lenovo printers that could allow an unauthenticated user to trigger a device restart by sending a specially crafted web request.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\n\n"
}
],
"value": "\nA buffer overflow vulnerability was identified in some Lenovo printers that could allow an unauthenticated user to trigger a device restart by sending a specially crafted web request.\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-16T17:21:21.869Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/421500"
},
{
"url": "https://www.lenovoimage.com/psirt/notice/158605.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eUpdate the printer firmware version (or higher) listed in the Customer Mitigation section of LEN-158605:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://newsupport.lenovo.com.cn/SecurityPolicy.html\"\u003e\n\n\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/421500\"\u003ehttps://iknow.lenovo.com.cn/detail/421500\u003c/a\u003e\n\n\u003cbr\u003e\u003c/p\u003e\n"
}
],
"value": "\nUpdate the printer firmware version (or higher) listed in the Customer Mitigation section of LEN-158605:\u00a0\n\n https://iknow.lenovo.com.cn/detail/421500 \n\n\n\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-3286",
"datePublished": "2024-05-16T17:21:21.869Z",
"dateReserved": "2024-04-03T20:11:41.608Z",
"dateUpdated": "2024-09-06T22:55:43.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27912 (GCVE-0-2024-27912)
Vulnerability from nvd – Published: 2024-04-05 20:47 – Updated: 2024-08-02 00:41
VLAI
EPSS
VEX
Summary
A denial of service vulnerability was reported in some Lenovo Printers that could allow an attacker to cause the device to crash by sending crafted LPD packets.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo | Printers |
Affected:
Various
|
|
| lenovo | lingxlang_g262dn_firmware |
Affected:
1.00.19
cpe:2.3:o:lenovo:lingxlang_g262dn_firmware:1.00.19:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_g336dn_firmware |
Affected:
1.00.20
cpe:2.3:o:lenovo:lingxlang_g336dn_firmware:1.00.20:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_lj2320dn_firmware |
Affected:
1.00.10
cpe:2.3:o:lenovo:lingxlang_lj2320dn_firmware:1.00.10:*:*:*:*:*:*:* |
|
| lenovo | lj2310n_firmware |
Affected:
1.00.10
cpe:2.3:o:lenovo:lj2310n_firmware:1.00.10:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_gm265dn_firmware |
Affected:
1.00.26
cpe:2.3:o:lenovo:lingxlang_gm265dn_firmware:1.00.26:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_gm337dn_firmware |
Affected:
1.00.24
cpe:2.3:o:lenovo:lingxlang_gm337dn_firmware:1.00.24:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_g262dn_firmware:1.00.19:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_g262dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.19"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_g336dn_firmware:1.00.20:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_g336dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.20"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_lj2320dn_firmware:1.00.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_lj2320dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.10"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lj2310n_firmware:1.00.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lj2310n_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.10"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_gm265dn_firmware:1.00.26:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_gm265dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.26"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_gm337dn_firmware:1.00.24:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_gm337dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.24"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27912",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-08T16:15:18.485167Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:57:13.662Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:55.749Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "Various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Wen-Han Xu, Rui-Nan Hu, Dong Zhang, Cheng Li, Zhen-Yu Guan, and Jian-Wei Liu of the School of Cyber Science and Technology of Beihang University for reporting these issues. "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A denial of service vulnerability was reported in some Lenovo Printers that could allow an attacker to cause the device to crash by sending crafted LPD packets."
}
],
"value": "A denial of service vulnerability was reported in some Lenovo Printers that could allow an attacker to cause the device to crash by sending crafted LPD packets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T20:47:09.905Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/420425\"\u003ehttps://iknow.lenovo.com.cn/detail/420425\u003c/a\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - https://iknow.lenovo.com.cn/detail/420425 "
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-27912",
"datePublished": "2024-04-05T20:47:09.905Z",
"dateReserved": "2024-02-27T16:12:55.968Z",
"dateUpdated": "2024-08-02T00:41:55.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27911 (GCVE-0-2024-27911)
Vulnerability from nvd – Published: 2024-04-05 20:47 – Updated: 2024-08-02 00:41
VLAI
EPSS
VEX
Summary
A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to obtain the administrator password.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
1 reference
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo | Printers |
Affected:
Various
|
|
| lenovo | lingxlang_g262dn_firmware |
Affected:
1.00.19
cpe:2.3:o:lenovo:lingxlang_g262dn_firmware:1.00.19:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_g336dn_firmware |
Affected:
1.00.20
cpe:2.3:o:lenovo:lingxlang_g336dn_firmware:1.00.20:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_lj2320dn_firmware |
Affected:
1.00.10
cpe:2.3:o:lenovo:lingxlang_lj2320dn_firmware:1.00.10:*:*:*:*:*:*:* |
|
| lenovo | lj2310n_firmware |
Affected:
1.00.10
cpe:2.3:o:lenovo:lj2310n_firmware:1.00.10:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_gm265dn_firmware |
Affected:
1.00.26
cpe:2.3:o:lenovo:lingxlang_gm265dn_firmware:1.00.26:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_gm337dn_firmware |
Affected:
1.00.24
cpe:2.3:o:lenovo:lingxlang_gm337dn_firmware:1.00.24:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_g262dn_firmware:1.00.19:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_g262dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.19"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_g336dn_firmware:1.00.20:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_g336dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.20"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_lj2320dn_firmware:1.00.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_lj2320dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.10"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lj2310n_firmware:1.00.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lj2310n_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.10"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_gm265dn_firmware:1.00.26:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_gm265dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.26"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_gm337dn_firmware:1.00.24:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_gm337dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.24"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:59:01.135627Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:59:08.416Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:55.827Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "Various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Wen-Han Xu, Rui-Nan Hu, Dong Zhang, Cheng Li, Zhen-Yu Guan, and Jian-Wei Liu of the School of Cyber Science and Technology of Beihang University for reporting these issues. "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to obtain the administrator password."
}
],
"value": "A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to obtain the administrator password."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T20:47:01.657Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/420425\"\u003ehttps://iknow.lenovo.com.cn/detail/420425\u003c/a\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - https://iknow.lenovo.com.cn/detail/420425 "
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-27911",
"datePublished": "2024-04-05T20:47:01.657Z",
"dateReserved": "2024-02-27T16:12:55.968Z",
"dateUpdated": "2024-08-02T00:41:55.827Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27910 (GCVE-0-2024-27910)
Vulnerability from nvd – Published: 2024-04-05 20:46 – Updated: 2024-08-20 15:40
VLAI
EPSS
VEX
Summary
A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to reboot the printer without authentication.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
1 reference
Impacted products
30 products
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo | Printers |
Affected:
Various
|
|
| lenovo | lingxlang_g262dn_firmware |
Affected:
1.00.19
cpe:2.3:o:lenovo:lingxlang_g262dn_firmware:1.00.19:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_g336dn_firmware |
Affected:
1.00.20
cpe:2.3:o:lenovo:lingxlang_g336dn_firmware:1.00.20:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_lj2320dn_firmware |
Affected:
1.00.10
cpe:2.3:o:lenovo:lingxlang_lj2320dn_firmware:1.00.10:*:*:*:*:*:*:* |
|
| lenovo | lj2310n_firmware |
Affected:
1.00.10
cpe:2.3:o:lenovo:lj2310n_firmware:1.00.10:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_gm265dn_firmware |
Affected:
1.00.26
cpe:2.3:o:lenovo:lingxlang_gm265dn_firmware:1.00.26:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_gm337dn_firmware |
Affected:
1.00.24
cpe:2.3:o:lenovo:lingxlang_gm337dn_firmware:1.00.24:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m280w_firmware |
Affected:
8.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m280w_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m280dw_firmware |
Affected:
8.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m280dw_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m1520w_pro_firmware |
Affected:
8.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m1520w_pro_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m1520d_pro_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m1520d_pro_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m1688dw_pro_firmware |
Affected:
8.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m1688dw_pro_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m1688w_pro_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m1688w_pro_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m101dw_pro_firmware |
Affected:
8.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m101dw_pro_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m260dw_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m260dw_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m200dw_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m200dw_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m7360dnw_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m7360dnw_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_z1_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_z1_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_gm265dn_firmware |
Affected:
6.54.00.08.00
cpe:2.3:o:lenovo:lijiang_gm265dn_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_lj2320dn_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_lj2320dn_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_lj2320dnp_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_lj2320dnp_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_g263dns_firmware |
Affected:
2.21.00.04.00
cpe:2.3:o:lenovo:lijiang_g263dns_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_g266dns_firmware |
Affected:
7.21.00.04.00
cpe:2.3:o:lenovo:lijiang_g266dns_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_g336dn_firmware |
Affected:
5.10.00.04.00
cpe:2.3:o:lenovo:lijiang_g336dn_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_g338dns_firmware |
Affected:
5.10.00.04.00
cpe:2.3:o:lenovo:lijiang_g338dns_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_g337dn_firmware |
Affected:
5.10.00.04.00
cpe:2.3:o:lenovo:lijiang_g337dn_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_g339dns_firmware |
Affected:
5.10.00.04.00
cpe:2.3:o:lenovo:lijiang_g339dns_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m7360dna_firmware |
Affected:
3.17.00.01.00
cpe:2.3:o:lenovo:lijiang_m7360dna_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m7365dna_firmware |
Affected:
3.17.00.01.00
cpe:2.3:o:lenovo:lijiang_m7365dna_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_gm268dnas_firmware |
Affected:
3.17.00.01.00
cpe:2.3:o:lenovo:lijiang_gm268dnas_firmware:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:55.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_g262dn_firmware:1.00.19:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_g262dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.19"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_g336dn_firmware:1.00.20:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_g336dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.20"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_lj2320dn_firmware:1.00.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_lj2320dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.10"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lj2310n_firmware:1.00.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lj2310n_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.10"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_gm265dn_firmware:1.00.26:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_gm265dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.26"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_gm337dn_firmware:1.00.24:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_gm337dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.24"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m280w_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m280w_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "8.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m280dw_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m280dw_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "8.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m1520w_pro_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m1520w_pro_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "8.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m1520d_pro_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m1520d_pro_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m1688dw_pro_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m1688dw_pro_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "8.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m1688w_pro_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m1688w_pro_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m101dw_pro_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m101dw_pro_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "8.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m260dw_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m260dw_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m200dw_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m200dw_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m7360dnw_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m7360dnw_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_z1_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_z1_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_gm265dn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_gm265dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "6.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_lj2320dn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_lj2320dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_lj2320dnp_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_lj2320dnp_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_g263dns_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_g263dns_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "2.21.00.04.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_g266dns_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_g266dns_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "7.21.00.04.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_g336dn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_g336dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "5.10.00.04.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_g338dns_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_g338dns_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "5.10.00.04.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_g337dn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_g337dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "5.10.00.04.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_g339dns_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_g339dns_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "5.10.00.04.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m7360dna_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m7360dna_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "3.17.00.01.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m7365dna_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m7365dna_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "3.17.00.01.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_gm268dnas_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_gm268dnas_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "3.17.00.01.00"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27910",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-10T18:59:41.081294Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T15:40:35.116Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "Various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Wen-Han Xu, Rui-Nan Hu, Dong Zhang, Cheng Li, Zhen-Yu Guan, and Jian-Wei Liu of the School of Cyber Science and Technology of Beihang University for reporting these issues. "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to reboot the printer without authentication."
}
],
"value": "A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to reboot the printer without authentication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T20:46:55.352Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/420425\"\u003ehttps://iknow.lenovo.com.cn/detail/420425\u003c/a\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - https://iknow.lenovo.com.cn/detail/420425 "
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-27910",
"datePublished": "2024-04-05T20:46:55.352Z",
"dateReserved": "2024-02-27T16:12:55.968Z",
"dateUpdated": "2024-08-20T15:40:35.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27909 (GCVE-0-2024-27909)
Vulnerability from nvd – Published: 2024-04-05 20:46 – Updated: 2024-08-02 00:41
VLAI
EPSS
VEX
Summary
A denial of service vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in a system reboot.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27909",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:47:09.841163Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:47:17.193Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:55.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "Various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Wen-Han Xu, Rui-Nan Hu, Dong Zhang, Cheng Li, Zhen-Yu Guan, and Jian-Wei Liu of the School of Cyber Science and Technology of Beihang University for reporting these issues. "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A denial of service vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in a system reboot."
}
],
"value": "A denial of service vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in a system reboot."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T20:46:46.021Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/420425\"\u003ehttps://iknow.lenovo.com.cn/detail/420425\u003c/a\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - https://iknow.lenovo.com.cn/detail/420425 "
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-27909",
"datePublished": "2024-04-05T20:46:46.021Z",
"dateReserved": "2024-02-27T16:12:55.968Z",
"dateUpdated": "2024-08-02T00:41:55.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27908 (GCVE-0-2024-27908)
Vulnerability from nvd – Published: 2024-04-05 20:46 – Updated: 2024-08-02 00:41
VLAI
EPSS
VEX
Summary
A buffer overflow vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in denial of service.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
1 reference
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27908",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T19:49:03.992396Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:47:05.996Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:55.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "Various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Wen-Han Xu, Rui-Nan Hu, Dong Zhang, Cheng Li, Zhen-Yu Guan, and Jian-Wei Liu of the School of Cyber Science and Technology of Beihang University for reporting these issues. "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer overflow vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in denial of service."
}
],
"value": "A buffer overflow vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T20:46:36.450Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 -\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/420425\"\u003ehttps://iknow.lenovo.com.cn/detail/420425\u003c/a\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 -\u00a0 https://iknow.lenovo.com.cn/detail/420425 "
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-27908",
"datePublished": "2024-04-05T20:46:36.450Z",
"dateReserved": "2024-02-27T16:12:55.967Z",
"dateUpdated": "2024-08-02T00:41:55.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6004 (GCVE-0-2024-6004)
Vulnerability from cvelistv5 – Published: 2024-08-16 14:17 – Updated: 2025-08-21 15:28
VLAI
EPSS
VEX
Summary
A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printer connections until the system is rebooted.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6004",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-16T16:42:49.406391Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T16:43:07.650Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Rui-Nan Hu, Cheng Li, Dong Zhang, Yu-Chen Sun, Wen-Han Xu, Zhen-Yu Guan, and Jian-Wei Liu from School of Cyber Science and Technology of Beihang University for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printer connections until the system is rebooted.\u003c/span\u003e"
}
],
"value": "A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printer connections until the system is rebooted."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-21T15:28:23.380Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/422688"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/422688\"\u003ehttps://iknow.lenovo.com.cn/detail/422688\u003c/a\u003e\n\n\u003cbr\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - https://iknow.lenovo.com.cn/detail/422688"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-6004",
"datePublished": "2024-08-16T14:17:44.070Z",
"dateReserved": "2024-06-14T15:26:46.783Z",
"dateUpdated": "2025-08-21T15:28:23.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5210 (GCVE-0-2024-5210)
Vulnerability from cvelistv5 – Published: 2024-08-16 14:17 – Updated: 2025-08-21 15:27
VLAI
EPSS
VEX
Summary
A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to prevent printer services from being reachable until the system is rebooted.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5210",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-16T15:02:53.351540Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T15:03:00.805Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Rui-Nan Hu, Cheng Li, Dong Zhang, Yu-Chen Sun, Wen-Han Xu, Zhen-Yu Guan, and Jian-Wei Liu from School of Cyber Science and Technology of Beihang University for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to prevent printer services from being reachable until the system is rebooted.\u003c/span\u003e"
}
],
"value": "A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to prevent printer services from being reachable until the system is rebooted."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-21T15:27:36.864Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/422688"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/422688\"\u003ehttps://iknow.lenovo.com.cn/detail/422688\u003c/a\u003e\n\n\u003cbr\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - https://iknow.lenovo.com.cn/detail/422688"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-5210",
"datePublished": "2024-08-16T14:17:39.051Z",
"dateReserved": "2024-05-22T16:36:10.960Z",
"dateUpdated": "2025-08-21T15:27:36.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5209 (GCVE-0-2024-5209)
Vulnerability from cvelistv5 – Published: 2024-08-16 14:17 – Updated: 2025-08-21 15:27
VLAI
EPSS
VEX
Summary
A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printing capabilities until the system is rebooted.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5209",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-16T14:39:01.713968Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T14:39:56.977Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Rui-Nan Hu, Cheng Li, Dong Zhang, Yu-Chen Sun, Wen-Han Xu, Zhen-Yu Guan, and Jian-Wei Liu from School of Cyber Science and Technology of Beihang University for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printing capabilities until the system is rebooted.\u003c/span\u003e"
}
],
"value": "A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to deny printing capabilities until the system is rebooted."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-21T15:27:18.878Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/422688"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/422688\"\u003ehttps://iknow.lenovo.com.cn/detail/422688\u003c/a\u003e\n\n\u003cbr\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - https://iknow.lenovo.com.cn/detail/422688"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-5209",
"datePublished": "2024-08-16T14:17:29.415Z",
"dateReserved": "2024-05-22T16:36:10.019Z",
"dateUpdated": "2025-08-21T15:27:18.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4782 (GCVE-0-2024-4782)
Vulnerability from cvelistv5 – Published: 2024-08-16 14:17 – Updated: 2025-08-21 15:26
VLAI
EPSS
VEX
Summary
A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to disrupt the printer's functionality until a manual system reboot occurs.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4782",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-20T16:52:19.608799Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T16:52:42.229Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Rui-Nan Hu, Cheng Li, Dong Zhang, Yu-Chen Sun, Wen-Han Xu, Zhen-Yu Guan, and Jian-Wei Liu from School of Cyber Science and Technology of Beihang University for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to disrupt the printer\u0027s functionality until a manual system reboot occurs.\u003c/span\u003e"
}
],
"value": "A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to disrupt the printer\u0027s functionality until a manual system reboot occurs."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-21T15:26:59.308Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/422688"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/422688\"\u003ehttps://iknow.lenovo.com.cn/detail/422688\u003c/a\u003e\n\n\u003cbr\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 - https://iknow.lenovo.com.cn/detail/422688"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-4782",
"datePublished": "2024-08-16T14:17:24.013Z",
"dateReserved": "2024-05-10T18:54:22.138Z",
"dateUpdated": "2025-08-21T15:26:59.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4781 (GCVE-0-2024-4781)
Vulnerability from cvelistv5 – Published: 2024-08-16 14:17 – Updated: 2025-08-21 15:25
VLAI
EPSS
VEX
Summary
A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to crash printer communications until the system is rebooted.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4781",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T17:25:39.876825Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T18:28:51.678Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Rui-Nan Hu, Cheng Li, Dong Zhang, Yu-Chen Sun, Wen-Han Xu, Zhen-Yu Guan, and Jian-Wei Liu from School of Cyber Science and Technology of Beihang University for reporting these issues."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to crash printer communications until the system is rebooted.\u003c/span\u003e"
}
],
"value": "A denial-of-service vulnerability was reported in some Lenovo printers that could allow an unauthenticated attacker on a shared network to crash printer communications until the system is rebooted."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-21T15:25:36.366Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/422688"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\nUpgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 -\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/422688\"\u003ehttps://iknow.lenovo.com.cn/detail/422688\u003c/a\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Customer Mitigation section of LEN-158939 -\u00a0 https://iknow.lenovo.com.cn/detail/422688"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-4781",
"datePublished": "2024-08-16T14:17:18.955Z",
"dateReserved": "2024-05-10T18:54:21.374Z",
"dateUpdated": "2025-08-21T15:25:36.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3286 (GCVE-0-2024-3286)
Vulnerability from cvelistv5 – Published: 2024-05-16 17:21 – Updated: 2024-09-06 22:55
VLAI
EPSS
VEX
Summary
A buffer overflow vulnerability was identified in some Lenovo printers that could allow an unauthenticated user to trigger a device restart by sending a specially crafted web request.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:05:08.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/421500"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.lenovoimage.com/psirt/notice/158605.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:lenovo:printer:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "printer",
"vendor": "lenovo",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3286",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T13:29:16.353962Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T22:55:43.149Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks China Information Technology Innovation Vulnerability Database (CITIVD) and Chaitin for reporting this issue. "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eA buffer overflow vulnerability was identified in some Lenovo printers that could allow an unauthenticated user to trigger a device restart by sending a specially crafted web request.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\n\n"
}
],
"value": "\nA buffer overflow vulnerability was identified in some Lenovo printers that could allow an unauthenticated user to trigger a device restart by sending a specially crafted web request.\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-16T17:21:21.869Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/421500"
},
{
"url": "https://www.lenovoimage.com/psirt/notice/158605.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eUpdate the printer firmware version (or higher) listed in the Customer Mitigation section of LEN-158605:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://newsupport.lenovo.com.cn/SecurityPolicy.html\"\u003e\n\n\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/421500\"\u003ehttps://iknow.lenovo.com.cn/detail/421500\u003c/a\u003e\n\n\u003cbr\u003e\u003c/p\u003e\n"
}
],
"value": "\nUpdate the printer firmware version (or higher) listed in the Customer Mitigation section of LEN-158605:\u00a0\n\n https://iknow.lenovo.com.cn/detail/421500 \n\n\n\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-3286",
"datePublished": "2024-05-16T17:21:21.869Z",
"dateReserved": "2024-04-03T20:11:41.608Z",
"dateUpdated": "2024-09-06T22:55:43.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27912 (GCVE-0-2024-27912)
Vulnerability from cvelistv5 – Published: 2024-04-05 20:47 – Updated: 2024-08-02 00:41
VLAI
EPSS
VEX
Summary
A denial of service vulnerability was reported in some Lenovo Printers that could allow an attacker to cause the device to crash by sending crafted LPD packets.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo | Printers |
Affected:
Various
|
|
| lenovo | lingxlang_g262dn_firmware |
Affected:
1.00.19
cpe:2.3:o:lenovo:lingxlang_g262dn_firmware:1.00.19:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_g336dn_firmware |
Affected:
1.00.20
cpe:2.3:o:lenovo:lingxlang_g336dn_firmware:1.00.20:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_lj2320dn_firmware |
Affected:
1.00.10
cpe:2.3:o:lenovo:lingxlang_lj2320dn_firmware:1.00.10:*:*:*:*:*:*:* |
|
| lenovo | lj2310n_firmware |
Affected:
1.00.10
cpe:2.3:o:lenovo:lj2310n_firmware:1.00.10:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_gm265dn_firmware |
Affected:
1.00.26
cpe:2.3:o:lenovo:lingxlang_gm265dn_firmware:1.00.26:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_gm337dn_firmware |
Affected:
1.00.24
cpe:2.3:o:lenovo:lingxlang_gm337dn_firmware:1.00.24:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_g262dn_firmware:1.00.19:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_g262dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.19"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_g336dn_firmware:1.00.20:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_g336dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.20"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_lj2320dn_firmware:1.00.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_lj2320dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.10"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lj2310n_firmware:1.00.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lj2310n_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.10"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_gm265dn_firmware:1.00.26:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_gm265dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.26"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_gm337dn_firmware:1.00.24:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_gm337dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.24"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27912",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-08T16:15:18.485167Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:57:13.662Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:55.749Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "Various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Wen-Han Xu, Rui-Nan Hu, Dong Zhang, Cheng Li, Zhen-Yu Guan, and Jian-Wei Liu of the School of Cyber Science and Technology of Beihang University for reporting these issues. "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A denial of service vulnerability was reported in some Lenovo Printers that could allow an attacker to cause the device to crash by sending crafted LPD packets."
}
],
"value": "A denial of service vulnerability was reported in some Lenovo Printers that could allow an attacker to cause the device to crash by sending crafted LPD packets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T20:47:09.905Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/420425\"\u003ehttps://iknow.lenovo.com.cn/detail/420425\u003c/a\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - https://iknow.lenovo.com.cn/detail/420425 "
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-27912",
"datePublished": "2024-04-05T20:47:09.905Z",
"dateReserved": "2024-02-27T16:12:55.968Z",
"dateUpdated": "2024-08-02T00:41:55.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27911 (GCVE-0-2024-27911)
Vulnerability from cvelistv5 – Published: 2024-04-05 20:47 – Updated: 2024-08-02 00:41
VLAI
EPSS
VEX
Summary
A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to obtain the administrator password.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
1 reference
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo | Printers |
Affected:
Various
|
|
| lenovo | lingxlang_g262dn_firmware |
Affected:
1.00.19
cpe:2.3:o:lenovo:lingxlang_g262dn_firmware:1.00.19:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_g336dn_firmware |
Affected:
1.00.20
cpe:2.3:o:lenovo:lingxlang_g336dn_firmware:1.00.20:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_lj2320dn_firmware |
Affected:
1.00.10
cpe:2.3:o:lenovo:lingxlang_lj2320dn_firmware:1.00.10:*:*:*:*:*:*:* |
|
| lenovo | lj2310n_firmware |
Affected:
1.00.10
cpe:2.3:o:lenovo:lj2310n_firmware:1.00.10:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_gm265dn_firmware |
Affected:
1.00.26
cpe:2.3:o:lenovo:lingxlang_gm265dn_firmware:1.00.26:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_gm337dn_firmware |
Affected:
1.00.24
cpe:2.3:o:lenovo:lingxlang_gm337dn_firmware:1.00.24:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_g262dn_firmware:1.00.19:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_g262dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.19"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_g336dn_firmware:1.00.20:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_g336dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.20"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_lj2320dn_firmware:1.00.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_lj2320dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.10"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lj2310n_firmware:1.00.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lj2310n_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.10"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_gm265dn_firmware:1.00.26:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_gm265dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.26"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_gm337dn_firmware:1.00.24:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_gm337dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.24"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:59:01.135627Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:59:08.416Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:55.827Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "Various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Wen-Han Xu, Rui-Nan Hu, Dong Zhang, Cheng Li, Zhen-Yu Guan, and Jian-Wei Liu of the School of Cyber Science and Technology of Beihang University for reporting these issues. "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to obtain the administrator password."
}
],
"value": "A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to obtain the administrator password."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T20:47:01.657Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/420425\"\u003ehttps://iknow.lenovo.com.cn/detail/420425\u003c/a\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - https://iknow.lenovo.com.cn/detail/420425 "
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-27911",
"datePublished": "2024-04-05T20:47:01.657Z",
"dateReserved": "2024-02-27T16:12:55.968Z",
"dateUpdated": "2024-08-02T00:41:55.827Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27910 (GCVE-0-2024-27910)
Vulnerability from cvelistv5 – Published: 2024-04-05 20:46 – Updated: 2024-08-20 15:40
VLAI
EPSS
VEX
Summary
A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to reboot the printer without authentication.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
1 reference
Impacted products
30 products
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo | Printers |
Affected:
Various
|
|
| lenovo | lingxlang_g262dn_firmware |
Affected:
1.00.19
cpe:2.3:o:lenovo:lingxlang_g262dn_firmware:1.00.19:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_g336dn_firmware |
Affected:
1.00.20
cpe:2.3:o:lenovo:lingxlang_g336dn_firmware:1.00.20:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_lj2320dn_firmware |
Affected:
1.00.10
cpe:2.3:o:lenovo:lingxlang_lj2320dn_firmware:1.00.10:*:*:*:*:*:*:* |
|
| lenovo | lj2310n_firmware |
Affected:
1.00.10
cpe:2.3:o:lenovo:lj2310n_firmware:1.00.10:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_gm265dn_firmware |
Affected:
1.00.26
cpe:2.3:o:lenovo:lingxlang_gm265dn_firmware:1.00.26:*:*:*:*:*:*:* |
|
| lenovo | lingxlang_gm337dn_firmware |
Affected:
1.00.24
cpe:2.3:o:lenovo:lingxlang_gm337dn_firmware:1.00.24:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m280w_firmware |
Affected:
8.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m280w_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m280dw_firmware |
Affected:
8.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m280dw_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m1520w_pro_firmware |
Affected:
8.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m1520w_pro_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m1520d_pro_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m1520d_pro_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m1688dw_pro_firmware |
Affected:
8.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m1688dw_pro_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m1688w_pro_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m1688w_pro_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m101dw_pro_firmware |
Affected:
8.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m101dw_pro_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m260dw_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m260dw_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m200dw_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m200dw_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m7360dnw_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_m7360dnw_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_z1_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_z1_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_gm265dn_firmware |
Affected:
6.54.00.08.00
cpe:2.3:o:lenovo:lijiang_gm265dn_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_lj2320dn_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_lj2320dn_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_lj2320dnp_firmware |
Affected:
4.54.00.08.00
cpe:2.3:o:lenovo:lijiang_lj2320dnp_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_g263dns_firmware |
Affected:
2.21.00.04.00
cpe:2.3:o:lenovo:lijiang_g263dns_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_g266dns_firmware |
Affected:
7.21.00.04.00
cpe:2.3:o:lenovo:lijiang_g266dns_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_g336dn_firmware |
Affected:
5.10.00.04.00
cpe:2.3:o:lenovo:lijiang_g336dn_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_g338dns_firmware |
Affected:
5.10.00.04.00
cpe:2.3:o:lenovo:lijiang_g338dns_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_g337dn_firmware |
Affected:
5.10.00.04.00
cpe:2.3:o:lenovo:lijiang_g337dn_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_g339dns_firmware |
Affected:
5.10.00.04.00
cpe:2.3:o:lenovo:lijiang_g339dns_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m7360dna_firmware |
Affected:
3.17.00.01.00
cpe:2.3:o:lenovo:lijiang_m7360dna_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_m7365dna_firmware |
Affected:
3.17.00.01.00
cpe:2.3:o:lenovo:lijiang_m7365dna_firmware:*:*:*:*:*:*:*:* |
|
| lenovo | lijiang_gm268dnas_firmware |
Affected:
3.17.00.01.00
cpe:2.3:o:lenovo:lijiang_gm268dnas_firmware:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:55.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_g262dn_firmware:1.00.19:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_g262dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.19"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_g336dn_firmware:1.00.20:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_g336dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.20"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_lj2320dn_firmware:1.00.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_lj2320dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.10"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lj2310n_firmware:1.00.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lj2310n_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.10"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_gm265dn_firmware:1.00.26:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_gm265dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.26"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lingxlang_gm337dn_firmware:1.00.24:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lingxlang_gm337dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "1.00.24"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m280w_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m280w_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "8.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m280dw_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m280dw_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "8.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m1520w_pro_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m1520w_pro_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "8.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m1520d_pro_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m1520d_pro_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m1688dw_pro_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m1688dw_pro_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "8.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m1688w_pro_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m1688w_pro_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m101dw_pro_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m101dw_pro_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "8.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m260dw_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m260dw_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m200dw_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m200dw_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m7360dnw_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m7360dnw_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_z1_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_z1_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_gm265dn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_gm265dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "6.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_lj2320dn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_lj2320dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_lj2320dnp_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_lj2320dnp_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "4.54.00.08.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_g263dns_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_g263dns_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "2.21.00.04.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_g266dns_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_g266dns_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "7.21.00.04.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_g336dn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_g336dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "5.10.00.04.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_g338dns_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_g338dns_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "5.10.00.04.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_g337dn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_g337dn_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "5.10.00.04.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_g339dns_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_g339dns_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "5.10.00.04.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m7360dna_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m7360dna_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "3.17.00.01.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_m7365dna_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_m7365dna_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "3.17.00.01.00"
}
]
},
{
"cpes": [
"cpe:2.3:o:lenovo:lijiang_gm268dnas_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "lijiang_gm268dnas_firmware",
"vendor": "lenovo",
"versions": [
{
"status": "affected",
"version": "3.17.00.01.00"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27910",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-10T18:59:41.081294Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T15:40:35.116Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "Various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Wen-Han Xu, Rui-Nan Hu, Dong Zhang, Cheng Li, Zhen-Yu Guan, and Jian-Wei Liu of the School of Cyber Science and Technology of Beihang University for reporting these issues. "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to reboot the printer without authentication."
}
],
"value": "A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to reboot the printer without authentication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T20:46:55.352Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/420425\"\u003ehttps://iknow.lenovo.com.cn/detail/420425\u003c/a\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - https://iknow.lenovo.com.cn/detail/420425 "
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-27910",
"datePublished": "2024-04-05T20:46:55.352Z",
"dateReserved": "2024-02-27T16:12:55.968Z",
"dateUpdated": "2024-08-20T15:40:35.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27909 (GCVE-0-2024-27909)
Vulnerability from cvelistv5 – Published: 2024-04-05 20:46 – Updated: 2024-08-02 00:41
VLAI
EPSS
VEX
Summary
A denial of service vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in a system reboot.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27909",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T15:47:09.841163Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:47:17.193Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:55.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "Various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Wen-Han Xu, Rui-Nan Hu, Dong Zhang, Cheng Li, Zhen-Yu Guan, and Jian-Wei Liu of the School of Cyber Science and Technology of Beihang University for reporting these issues. "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A denial of service vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in a system reboot."
}
],
"value": "A denial of service vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in a system reboot."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T20:46:46.021Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/420425\"\u003ehttps://iknow.lenovo.com.cn/detail/420425\u003c/a\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 - https://iknow.lenovo.com.cn/detail/420425 "
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-27909",
"datePublished": "2024-04-05T20:46:46.021Z",
"dateReserved": "2024-02-27T16:12:55.968Z",
"dateUpdated": "2024-08-02T00:41:55.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27908 (GCVE-0-2024-27908)
Vulnerability from cvelistv5 – Published: 2024-04-05 20:46 – Updated: 2024-08-02 00:41
VLAI
EPSS
VEX
Summary
A buffer overflow vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in denial of service.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
1 reference
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27908",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T19:49:03.992396Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:47:05.996Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:55.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Printers",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "Various"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Jia-Ju Bai, Wen-Han Xu, Rui-Nan Hu, Dong Zhang, Cheng Li, Zhen-Yu Guan, and Jian-Wei Liu of the School of Cyber Science and Technology of Beihang University for reporting these issues. "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer overflow vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in denial of service."
}
],
"value": "A buffer overflow vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-05T20:46:36.450Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/420425"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 -\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://iknow.lenovo.com.cn/detail/420425\"\u003ehttps://iknow.lenovo.com.cn/detail/420425\u003c/a\u003e"
}
],
"value": "Upgrade printer firmware to the version (or later) listed in the Product Impact section of LEN-148876 -\u00a0 https://iknow.lenovo.com.cn/detail/420425 "
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-27908",
"datePublished": "2024-04-05T20:46:36.450Z",
"dateReserved": "2024-02-27T16:12:55.967Z",
"dateUpdated": "2024-08-02T00:41:55.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}