CVE-2023-23560

In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.

Published: Jan 23, 2023
Updated: Apr 14, 2023
CVE: CVE-2023-23560
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-918

Affected Software
References

Software	From	Fixed in
lexmark / b2236_firmware	-	mslsg.081.234
lexmark / b2338_firmware	-	msngm.081.234
lexmark / b2442_firmware	-	msngm.081.234
lexmark / b2546_firmware	-	msngm.081.234
lexmark / b2650_firmware	-	msngm.081.234
lexmark / b2865_firmware	-	msngw.081.234
lexmark / b3340_firmware	-	mslbd.081.234
lexmark / b3442_firmware	-	mslbd.081.234
lexmark / c2240_firmware	-	cstzj.081.234
lexmark / c2325_firmware	-	csnzj.081.234
lexmark / c2326_firmware	-	cslbn.081.234
lexmark / c2425_firmware	-	csnzj.081.234
lexmark / c2535_firmware	-	csnzj.081.234
lexmark / c3224_firmware	-	cslbl.081.234
lexmark / c3326_firmware	-	cslbl.081.234
lexmark / c3426_firmware	-	cslbn.081.234
lexmark / c4150_firmware	-	cstat.081.234
lexmark / c6160_firmware	-	cstpp.081.234
lexmark / c9235_firmware	-	cstmh.081.234
lexmark / cs331_firmware	-	cslbl.081.234
lexmark / cs421_firmware	-	csnzj.081.234
lexmark / cs431_firmware	-	cslbn.081.234
lexmark / cs439_firmware	-	cslbn.081.234
lexmark / cs521_firmware	-	csnzj.081.234
lexmark / cs622_firmware	-	cstzj.081.234
lexmark / cs720_firmware	-	cstat.081.234
lexmark / cs725_firmware	-	cstat.081.234
lexmark / cs727_firmware	-	cstat.081.234
lexmark / cs728_firmware	-	cstat.081.234
lexmark / cs820_firmware	-	cstpp.081.234
lexmark / cs827_firmware	-	cstpp.081.234
lexmark / cs921_firmware	-	cstmh.081.234
lexmark / cs923_firmware	-	cstmh.081.234
lexmark / cs927_firmware	-	cstmh.081.234
lexmark / cx331_firmware	-	cxlbl.081.234
lexmark / cx421_firmware	-	cxnzj.081.234
lexmark / cx431_firmware	-	cxlbn.081.234
lexmark / cx522_firmware	-	cxtzj.081.234
lexmark / cx622_firmware	-	cxtzj.081.234
lexmark / cx625_firmware	-	cxtzj.081.234
lexmark / cx725_firmware	-	cxtat.081.234
lexmark / cx727_firmware	-	cxtat.081.234
lexmark / cx820_firmware	-	cxtpp.081.234
lexmark / cx825_firmware	-	cxtpp.081.234
lexmark / cx860_firmware	-	cxtpp.081.234
lexmark / cx920_firmware	-	cxtmh.081.234
lexmark / cx921_firmware	-	cxtmh.081.234
lexmark / cx922_firmware	-	cxtmh.081.234
lexmark / cx923_firmware	-	cxtmh.081.234
lexmark / cx924_firmware	-	cxtmh.081.234
lexmark / cx944_firmware	-	cxtpc.081.234
lexmark / m1242_firmware	-	msngm.081.234
lexmark / m1246_firmware	-	msngm.081.234
lexmark / m1342_firmware	-	mslbd.081.234
lexmark / m3250_firmware	-	mstgm.081.234
lexmark / m5255_firmware	-	mstgw.081.234
lexmark / m5270_firmware	-	mstgw.081.234
lexmark / mb2236_firmware	-	mxlsg.081.234
lexmark / mb2338_firmware	-	mxngm.081.234
lexmark / mb2442_firmware	-	mxtgm.081.234
lexmark / mb2546_firmware	-	mxtgm.081.234
lexmark / mb2650_firmware	-	mxtgm.081.234
lexmark / mb2770_firmware	-	mxtgw.081.234
lexmark / mb3442_firmware	-	mxlbd.081.234
lexmark / mc2325_firmware	-	cxnzj.081.234
lexmark / mc2425_firmware	-	cxnzj.081.234
lexmark / mc2535_firmware	-	cxtzj.081.234
lexmark / mc2640_firmware	-	cxtzj.081.234
lexmark / mc3224_firmware	-	cxlbl.081.234
lexmark / mc3326_firmware	-	cxlbl.081.234
lexmark / mc3426_firmware	-	cxlbn.081.234
lexmark / ms321_firmware	-	msngm.081.234
lexmark / ms331_firmware	-	mslbd.081.234
lexmark / ms421_firmware	-	msngm.081.234
lexmark / ms431_firmware	-	mslbd.081.234
lexmark / ms521_firmware	-	msngm.081.234
lexmark / ms621_firmware	-	msngm.081.234
lexmark / ms622_firmware	-	mstgm.081.234
lexmark / ms725_firmware	-	msngw.081.234
lexmark / ms821_firmware	-	msngw.081.234
lexmark / ms822_firmware	-	mstgw.081.234
lexmark / ms823_firmware	-	msngw.081.234
lexmark / ms825_firmware	-	msngw.081.234
lexmark / ms826_firmware	-	mstgw.081.234
lexmark / mx321_firmware	-	mxngm.081.234
lexmark / mx331_firmware	-	mxlbd.081.234
lexmark / mx421_firmware	-	mxtgm.081.234
lexmark / mx431_firmware	-	mxlbd.081.234
lexmark / mx432_firmware	-	mxtct.081.234
lexmark / mx521_firmware	-	mxtgm.081.234
lexmark / mx522_firmware	-	mxtgm.081.234
lexmark / mx622_firmware	-	mxtgm.081.234
lexmark / mx721_firmware	-	mxtgw.081.234
lexmark / mx722_firmware	-	mxtgw.081.234
lexmark / mx822_firmware	-	mxtgw.081.234
lexmark / mx826_firmware	-	mxtgw.081.234
lexmark / mx931_firmware	-	mxtpm.081.234
lexmark / xc2235_firmware	-	cxtzj.081.234
lexmark / xc2326_firmware	-	cxlbn.081.234
lexmark / xc4140_firmware	-	cxtat.081.234
lexmark / xc4143_firmware	-	cxtat.081.234
lexmark / xc4150_firmware	-	cxtat.081.234
lexmark / xc4153_firmware	-	cxtat.081.234
lexmark / xc4240_firmware	-	cxtzj.081.234
lexmark / xc4342_firmware	-	cxtmm.081.234
lexmark / xc4352_firmware	-	cxtmm.081.234
lexmark / xc6152_firmware	-	cxtpp.081.234
lexmark / xc6153_firmware	-	cxtpp.081.234
lexmark / xc8155_firmware	-	cxtpp.081.234
lexmark / xc8160_firmware	-	cxtpp.081.234
lexmark / xc8163_firmware	-	cxtpp.081.234
lexmark / xc9225_firmware	-	cxtmh.081.234
lexmark / xc9235_firmware	-	cxtmh.081.234
lexmark / xc9245_firmware	-	cxtmh.081.234
lexmark / xc9255_firmware	-	cxtmh.081.234
lexmark / xc9265_firmware	-	cxtmh.081.234
lexmark / xc9335_firmware	-	cxtpc.081.234
lexmark / xc9445_firmware	-	cxtpc.081.234
lexmark / xc9455_firmware	-	cxtpc.081.234
lexmark / xc9465_firmware	-	cxtpc.081.234
lexmark / xm1242_firmware	-	mxtgm.081.234
lexmark / xm1246_firmware	-	mxtgm.081.234
lexmark / xm1342_firmware	-	mslbd.081.234
lexmark / xm3142_firmware	-	mxtct.081.234
lexmark / xm3250_firmware	-	mxtgm.081.234
lexmark / xm5365_firmware	-	mxtgw.081.234
lexmark / xm7355_firmware	-	mxtgw.081.234
lexmark / xm7370_firmware	-	mxtgw.081.234

Vulnerability Database

CVE-2023-23560

Deep Security Visibility Without the Complexity