Lexmark.Device.Embedded.Web.SSRF

Description

This indicates an attempt to exploit a Server-Side Request Forgery (SSRF) vulnerability in multiple Lexmark devices.
The vulnerability is due to improper sanitization of crafted user input in HTTP requests. A remote unauthenticated attacker could exploit this vulnerability by sending an HTTP request to the vulnerable server. Successful exploitation leads to the disclosure of information which may be used to facilitate further compromise.

Affected Products

Lexmark CX944, XC9335, XC9445, XC9455, XC9465 prior to CXTPC.081.233
Lexmark MX432, XM3142 prior to MXTCT.081.233
Lexmark MX931 prior to MXTPM.081.233
Lexmark XC4342, XC4352 prior to CXTMM.081.233
Lexmark B2236 prior to MSLSG.081.233
Lexmark MB2236 prior to MXLSG.081.233
Lexmark MS331, MS431 prior to MSLBD.081.233
Lexmark M1342 prior to MSLBD.081.233
Lexmark B3442, B3340 prior to MSLBD.081.233
Lexmark XM1342 prior to MSLBD.081.233
Lexmark MX331, MX431 prior to MXLBD.081.233
Lexmark MB3442 prior to MXLBD.081.233
Lexmark MS321, MS421, MS521, MS621 prior to MSNGM.081.233
Lexmark M1242, M1246 prior to MSNGM.081.233
Lexmark B2338, B2442, B2546, B2650 prior to MSNGM.081.233
Lexmark MS622 prior to MSTGM.081.233
Lexmark M3250 prior to MSTGM.081.233
Lexmark MX321 prior to MXNGM.081.233
Lexmark MB2338 prior to MXNGM.081.233
Lexmark MX421, MX521, MX522, MX622 prior to MXTGM.081.233
Lexmark XM1242, XM1246, XM3250 prior to MXTGM.081.233
Lexmark MB2442, MB2546, MB2650 prior to MXTGM.081.233
Lexmark MS725, MS821, MS823, MS825 prior to MSNGW.081.233
Lexmark B2865 prior to MSNGW.081.233
Lexmark MS822, MS826 prior to MSTGW.081.233
Lexmark M5255, M5270 prior to MSTGW.081.233
Lexmark MX721, MX722, MX822, MX826 prior to MXTGW.081.233
Lexmark XM5365, XM7355, XM7370 prior to MXTGW.081.233
Lexmark MB2770 prior to MXTGW.081.233
Lexmark C3426 prior to CSLBN.081.233
Lexmark CS431, CS439 prior to CSLBN.081.233
Lexmark CS331 prior to CSLBL.081.233
Lexmark C3224, C3326 prior to CSLBL.081.233
Lexmark C2326 prior to CSLBN.081.233
Lexmark MC3426 prior to CXLBN.081.233
Lexmark CX431 prior to CXLBN.081.233
Lexmark XC2326 prior to CXLBN.081.233
Lexmark MC3224, MC3326 prior to CXLBL.081.233
Lexmark CX331 prior to CXLBL.081.233
Lexmark CS622 prior to CSTZJ.081.233
Lexmark C2240 prior to CSTZJ.081.233
Lexmark CS421, CS521 prior to CSNZJ.081.233
Lexmark C2325, C2425, C2535 prior to CSNZJ.081.233
Lexmark CX522, CX622, CX625 prior to CXTZJ.081.233
Lexmark XC2235, XC4240 prior to CXTZJ.081.233
Lexmark MC2535, MC2640 prior to CXTZJ.081.233
Lexmark CX421 prior to CXNZJ.081.233
Lexmark MC2325, MC2425 prior to CXNZJ.081.233
Lexmark CX820, CX825, CS827, CX860 prior to CXTPP.081.233
Lexmark XC6152, XC6153, XC8155, XC8160, XC8163 prior to CXTPP.081.233
Lexmark CS820, CS827 prior to CSTPP.081.233
Lexmark C6160 prior to CSTPP.081.233
Lexmark CS720, CS725, CS727, CS728 prior to CSTAT.081.233
Lexmark C4150 prior to CSTAT.081.233
Lexmark CX725, CX727 prior to CXTAT.081.233
Lexmark XC4140, XC4143, XC4150, XC4153 prior to CXTAT.081.233
Lexmark CS921, CS923, CS927 prior to CSTMH.081.233
Lexmark C9235 prior to CSTMH.081.233
Lexmark CX920, CX921, CX922, CX923, CX924 prior to CXTMH.081.233
Lexmark XC9225, XC9235, XC9245, XC9255, XC9265 prior to CXTMH.081.233

Impact

Security Bypass: Remote attackers can bypass security checks of vulnerable systems to make HTTP requests.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://publications.lexmark.com/publications/security-alerts/CVE-2023-23560.pdf

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2024-03-20 27.752 Default_action:pass:drop
2024-03-12 27.747