{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-01-25T00:00:00", "descriptions": [{"lang": "en", "value": "Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-01-27T04:57:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://support.lexmark.com/index?page=content&id=TE745"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-1896", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://support.lexmark.com/index?page=content&id=TE745", "refsource": "CONFIRM", "url": "http://support.lexmark.com/index?page=content&id=TE745"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-1896", "datePublished": "2016-01-27T02:00:00", "dateReserved": "2016-01-13T00:00:00", "dateUpdated": "2016-01-27T04:57:02", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C29BEB30-DC3B-4922-9234-9F4CB9E2C048", "versionEndIncluding": "cb.02.048", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lexmark:c4150:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF07C509-7E15-414C-9F1A-0DF8204136CC", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cs720de:*:*:*:*:*:*:*:*", "matchCriteriaId": "0AD322C1-05F1-42AA-9F94-46F53E0529C0", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cs720dte:*:*:*:*:*:*:*:*", "matchCriteriaId": "11E85F1B-AE5F-4515-A5E0-5FAE4DF22228", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cs725de:*:*:*:*:*:*:*:*", "matchCriteriaId": "F637ED5E-EBAA-42FA-B1EC-5A62BC35C1AA", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cs725dte:*:*:*:*:*:*:*:*", "matchCriteriaId": "36DF826B-6EE0-4C67-AB9C-56B86516EF07", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "46D65111-B7BC-4A60-83CB-0D3C2CF216DF", "versionEndIncluding": "atl.02.048", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lexmark:cx725de:*:*:*:*:*:*:*:*", "matchCriteriaId": "DE911CAA-BB40-462E-B7B1-08E6B8120536", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cx725dhe:*:*:*:*:*:*:*:*", "matchCriteriaId": "536113D5-F589-4EDA-A273-56B3E73450CC", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cx725dthe:*:*:*:*:*:*:*:*", "matchCriteriaId": "2E4B5588-09A3-4FA2-81D0-715B52902B02", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:xc4150:*:*:*:*:*:*:*:*", "matchCriteriaId": "5BFB88AA-AA66-46E1-AA48-DA149E50A57C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CDC2CBD-3940-4952-8546-E6EA66C0725F", "versionEndIncluding": "yk.02.048", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lexmark:c6160:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4E4434A-93AE-494E-8D46-4F7BE14AFFCB", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cs820de:*:*:*:*:*:*:*:*", "matchCriteriaId": "7FF541E0-D4DA-4B4C-8870-D3EC59EC9F83", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cs820dte:*:*:*:*:*:*:*:*", "matchCriteriaId": "B79F4035-1CEC-488F-9066-83E48D19CAA9", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cs820dtfe:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CC04B20-E795-49B2-8A84-1F559409D770", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lexmark:printer_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FB4760C3-77CB-4179-B7E9-79538C206498", "versionEndIncluding": "pp.02.048", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lexmark:cx820de:*:*:*:*:*:*:*:*", "matchCriteriaId": "B6CA052D-1DE0-45CC-8317-AE62D59179DA", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cx820dtfe:*:*:*:*:*:*:*:*", "matchCriteriaId": "4AD59709-2F7D-402B-8BEB-39F254B5F92A", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cx825de:*:*:*:*:*:*:*:*", "matchCriteriaId": "1751C220-21F2-4B00-BC83-4547C3EB549F", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cx825dte:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE9956F4-B90F-4DF2-A010-162DE39C1586", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cx825dtfe:*:*:*:*:*:*:*:*", "matchCriteriaId": "7BA85370-DB44-4D02-AC9D-3F7732ABAF48", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cx860de:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D26F568-042D-4247-A728-933AF110BC51", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cx860dte:*:*:*:*:*:*:*:*", "matchCriteriaId": "DCD0E198-C530-4FD3-AE96-5C75BDF2B7E7", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:cx860dtfe:*:*:*:*:*:*:*:*", "matchCriteriaId": "43839086-5EA5-4FB6-B92D-378FECD3C9BD", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:xc6152de:*:*:*:*:*:*:*:*", "matchCriteriaId": "0B0403F7-39BD-463F-83A2-3722AD2568B0", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:xc6152dtfe:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A553DB8-FA2D-4AFD-9B2D-96F52F90AECD", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:xc8155de:*:*:*:*:*:*:*:*", "matchCriteriaId": "67CFD744-5BF8-4912-B9ED-68037528FDF4", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:xc8155dte:*:*:*:*:*:*:*:*", "matchCriteriaId": "14DB6F86-9F8D-4065-BAFB-AF393FEDE24C", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:xc8160de:*:*:*:*:*:*:*:*", "matchCriteriaId": "98059800-F8CE-4963-A3C8-7BFE2BEBE2A3", "vulnerable": false}, {"criteria": "cpe:2.3:h:lexmark:xc8160dte:*:*:*:*:*:*:*:*", "matchCriteriaId": "806FECDA-5A28-46E8-8AEA-534560B58042", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allows remote attackers to bypass authentication by leveraging incorrect detection of the security-jumper status."}, {"lang": "es", "value": "Condici\u00f3n de carrera en el proceso de inicializaci\u00f3n en impresoras Lexmark con firmware ATL en versiones anteriores a ATL.02.049, CB en versiones anteriores a CB.02.049, PP en versiones anteriores a PP.02.049 y YK en versiones anteriores a YK.02.049 permite a atacantes remotos eludir la autenticaci\u00f3n aprovechando una detecci\u00f3n incorrecta del estado del puente de seguridad."}], "id": "CVE-2016-1896", "lastModified": "2016-02-01T01:16:57.730", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-01-27T05:59:04.307", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://support.lexmark.com/index?page=content&id=TE745"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-254"}, {"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}