CVE-2018-17944 in Deviceinfo

Zusammenfassung

von MITRE

On certain Lexmark devices that communicate with an LDAP or SMTP server, a malicious administrator can discover LDAP or SMTP credentials by changing that server's hostname to one that they control, and then capturing the credentials that are sent there. This occurs because stored credentials are not automatically deleted upon that type of hostname change.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

03.10.2018

Moderieren

akzeptiert

Eintrag

VDB-131584

CPE

bereit

CWE

CWE-200 (bestätigt)

CVSS

4.9 (NVD)

EPSS

0.00281

KEV

nein

Aktivitäten

very low

Sektor

Pharma, Industry, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-17944
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-17944
CVE Details	https://www.cvedetails.com/cve/CVE-2018-17944/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!