CVE-2019-10059

The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices.

Published: Aug 29, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-10059
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-254

Affected Software
References

Software	From	Fixed in
lexmark / cs31x_firmware	-	lw71.vyl.p233.x
lexmark / cs41x_firmware	-	lw71.vy2.p233.x
lexmark / cx310_firmware	-	lw71.gm2.p233.x
lexmark / ms310_firmware	-	lw71.prl.p233.x
lexmark / ms312_firmware	-	lw71.prl.p233.x
lexmark / ms317_firmware	-	lw71.prl.p233.x
lexmark / ms410_firmware	-	lw71.prl.p233.x
lexmark / m1140_firmware	-	lw71.prl.p233.x
lexmark / ms315_firmware	-	lw71.tl2.p233.x
lexmark / ms415_firmware	-	lw71.tl2.p233.x
lexmark / ms417_firmware	-	lw71.tl2.p233.x
lexmark / ms51x_firmware	-	lw71.pr2.p233.x
lexmark / ms610dn_firmware	-	lw71.pr2.p233.x
lexmark / ms617_firmware	-	lw71.pr2.p233.x
lexmark / m1145_firmware	-	lw71.pr2.p233.x
lexmark / m3150dn_firmware	-	lw71.pr2.p233.x
lexmark / ms71x_firmware	-	lw71.dn2.p233.x
lexmark / m5163dn_firmware	-	lw71.dn2.p233.x
lexmark / ms810_firmware	-	lw71.dn2.p233.x
lexmark / ms811_firmware	-	lw71.dn2.p233.x
lexmark / ms812_firmware	-	lw71.dn2.p233.x
lexmark / ms817_firmware	-	lw71.dn2.p233.x
lexmark / ms818_firmware	-	lw71.dn2.p233.x
lexmark / ms810de_firmware	-	lw71.dn4.p233.x
lexmark / m5155_firmware	-	lw71.dn4.p233.x
lexmark / m5163_firmware	-	lw71.dn4.p233.x
lexmark / ms812de_firmware	-	lw71.dn7.p233.x
lexmark / m5170_firmware	-	lw71.dn7.p233.x
lexmark / ms91x_firmware	-	lw71.sa.p233.x
lexmark / mx31x_firmware	-	lw71.sb2.p233.x
lexmark / xm1135_firmware	-	lw71.sb2.p233.x
lexmark / mx410_firmware	-	lw71.sb4.p233.x
lexmark / mx510_firmware	-	lw71.sb4.p233.x
lexmark / mx511_firmware	-	lw71.sb4.p233.x
lexmark / mx610_firmware	-	lw71.sb7.p233.x
lexmark / mx611_firmware	-	lw71.sb7.p233.x
lexmark / xm3150_firmware	-	lw71.sb7.p233.x
lexmark / mx71x_firmware	-	lw71.tu.p233.x
lexmark / mx81x_firmware	-	lw71.tu.p233.x
lexmark / xm51xx_firmware	-	lw71.tu.p233.x
lexmark / xm71xx_firmware	-	lw71.tu.p233.x
lexmark / mx91x_firmware	-	lw71.mg.p233.x
lexmark / xm91x_firmware	-	lw71.mg.p233.x
lexmark / mx6500e_firmware	-	lw71.jd.p233.x
lexmark / c746_firmware	-	lhs60.cm2.p705.x
lexmark / c748_firmware	-	lhs60.cm4.p705.x
lexmark / cs748_firmware	-	lhs60.cm4.p705.x
lexmark / c792_firmware	-	lhs60.hc.p705.x
lexmark / cs796_firmware	-	lhs60.hc.p705.x
lexmark / c925_firmware	-	lhs60.hv.p705.x
lexmark / c950_firmware	-	lhs60.tp.p705.x
lexmark / x548_firmware	-	lhs60.vk.p705.x
lexmark / xs548_firmware	-	lhs60.vk.p705.x
lexmark / x74x_firmware	-	lhs60.ny.p705.x
lexmark / xs748_firmware	-	lhs60.ny.p705.x
lexmark / x792_firmware	-	lhs60.mr.p705.x
lexmark / xs79x_firmware	-	lhs60.mr.p705.x
lexmark / x925_firmware	-	lhs60.hk.p705.x
lexmark / xs925_firmware	-	lhs60.hk.p705.x
lexmark / x95x_firmware	-	lhs60.tq.p705.x
lexmark / xs95x_firmware	-	lhs60.tq.p705.x
lexmark / 6500e_firmware	-	lhs60.jr.p705.x
lexmark / c734_firmware	-	lr.sk.p815.x
lexmark / c736_firmware	-	lr.ske.p815.x
lexmark / e46x_firmware	-	lr.lbh.p815.x
lexmark / t65x_firmware	-	lr.jp.p815.x
lexmark / x46x_firmware	-	lr.bs.p815.x
lexmark / x65x_firmware	-	lr.mn.p815.x
lexmark / x73x_firmware	-	lr.fl.p815.x
lexmark / w850_firmware	-	lp.jb.p815.x
lexmark / x86x_firmware	-	lp.sp.p815.x

http://support.lexmark.com/index?page=content&id=TE923&locale=EN&userlocale=EN_US

Vulnerability Database

CVE-2019-10059

Deep Security Visibility Without the Complexity