Vulnerability Details : CVE-2008-0374
OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web Page 1.00 sends the configuration of the printer in cleartext, which allows remote attackers to obtain the administrative password by connecting to TCP port 5548 or 7777.
Exploit prediction scoring system (EPSS) score for CVE-2008-0374
Probability of exploitation activity in the next 30 days: 0.36%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 72 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2008-0374
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2008-0374
-
Assigned by: nvd@nist.gov (Primary)
-
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-0374
-
http://www.securityfocus.com/bid/27339
Broken Link;Third Party Advisory;VDB Entry
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/39775
OKI C5510MFP configuration information disclosure CVE-2008-0375 Vulnerability ReportVDB Entry
-
http://securityreason.com/securityalert/3569
OKI C5510MFP Printer Password Disclosure - CXSecurity.comThird Party Advisory
-
http://secunia.com/advisories/28553
About Secunia Research | FlexeraBroken Link;Vendor Advisory
-
http://www.csnc.ch/en/modules/news/news_0004.html_1394092626.html
404 - Compass SecurityBroken Link
-
http://www.securityfocus.com/archive/1/486511/100/0/threaded
Broken Link;Third Party Advisory;VDB Entry
Products affected by CVE-2008-0374
- cpe:2.3:o:oki:c5510mfp_firmware:1.01:*:*:*:*:*:*:*