{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on Canon MF237w 06.07 devices. An \"Improper Handling of Length Parameter Inconsistency\" issue in the IPv4/ICMPv4 component, when handling a packet sent by an unauthenticated network attacker, may expose Sensitive Information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-30T21:27:58", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.canon-europe.com/support/product-security/"}, {"tags": ["x_refsource_MISC"], "url": "https://blog.scadafence.com/vulnerability-report-cve-2020-16849"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-16849", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered on Canon MF237w 06.07 devices. An \"Improper Handling of Length Parameter Inconsistency\" issue in the IPv4/ICMPv4 component, when handling a packet sent by an unauthenticated network attacker, may expose Sensitive Information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.canon-europe.com/support/product-security/", "refsource": "CONFIRM", "url": "https://www.canon-europe.com/support/product-security/"}, {"name": "https://blog.scadafence.com/vulnerability-report-cve-2020-16849", "refsource": "MISC", "url": "https://blog.scadafence.com/vulnerability-report-cve-2020-16849"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-16849", "datePublished": "2020-11-30T21:27:58", "dateReserved": "2020-08-04T00:00:00", "dateUpdated": "2020-11-30T21:27:58", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf237w_firmware:06.07:*:*:*:*:*:*:*", "matchCriteriaId": "3794F0A2-5B34-43A2-AC06-A930EC9C05B5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf237w:-:*:*:*:*:*:*:*", "matchCriteriaId": "AC88D5BA-D54A-46AF-9F68-28BC78F1061C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf113w_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9909F2F9-DBB4-4893-8B13-336E0FA955F9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf113w:-:*:*:*:*:*:*:*", "matchCriteriaId": "10E9019D-689F-4438-AB63-0D3B4BC2D1CF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf212w_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "959E88B2-CD60-4FBF-8126-49B8B3103596", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf212w:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BFF65AB-5D73-487E-B4E0-E773922B953E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf216n_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6097AD72-17E2-4554-A5CB-57CA6115B50C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf216n:-:*:*:*:*:*:*:*", "matchCriteriaId": "6977C1A5-C02C-41F9-8DB5-3B176C4E4048", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf217w_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FE9C1D6-5403-4EEF-96AB-F6A3A89E259B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf217w:-:*:*:*:*:*:*:*", "matchCriteriaId": "4660CAEC-C9E9-4081-A594-1C669D98B923", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf226dn_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "092D571C-4188-4C14-A1C2-65F079CE0DD3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf226dn:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF7EA529-5D79-4D4F-BAE7-451E54B1902D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf229dw_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FB483E9-F7E0-4481-916B-A4D31A1E27B9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf229dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "2C8B2246-BE16-4EA0-9B3D-1A3626BF37DB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf231_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E03548F5-0DEA-4057-AE85-42FB96B2AB9A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf231:-:*:*:*:*:*:*:*", "matchCriteriaId": "2DB1563C-5BE8-4A10-8F84-FCBE92DE7DC2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf232w_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F54BC391-9CA2-4F8A-BAC7-3388D3F68F18", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf232w:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A64DF80-8323-4DEF-991B-5657910E7504", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf244dw_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "12DB20BB-8C50-417A-9EF5-EC61AE3787BF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf244dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "E2B39590-B870-43C0-A0E7-D293DCCBBA76", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf247dw_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F364B0F2-FA8E-4A76-ABD3-CA813951AA27", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf247dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2F8688C-F46F-4038-99F3-B2DBC0F6A4D3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf249dw_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "953A1AAA-B841-417F-957D-A252BDBE60E6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf249dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "314AC8CD-29AA-4F0C-88C0-7613645EE891", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf264dw_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "097D073B-BF55-42EF-9FC6-DB58D9F5F6B2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf264dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "49944C71-0486-4D6B-B5E4-98ED236A94B2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf267dw_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F470BFFD-9208-4749-9B85-3CEEA7C6552F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf267dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "CEE6904A-EA34-40FA-96C8-B45068F73ED8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf269dw_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CE06E45-2A82-44C8-A413-E9E08E30F98D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf269dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "6658823D-A276-40E2-B00C-E77583896D10", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf4570dn_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "742D7702-D1E2-4173-AE43-D2237AD020F6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf4570dn:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E794B9A-280A-4DF6-BC52-9D225ABF2B88", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf4580dn_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7EB462AF-AB68-4458-8814-E088FB7A9881", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf4580dn:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5B13AF5-5D72-4890-BC60-ABD5E747AFD8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf4780w_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "184032C5-D909-4AB1-BA03-FF3274F2E713", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf4780w:-:*:*:*:*:*:*:*", "matchCriteriaId": "B6C2EFBD-6421-4027-9710-2FE3A5F631D5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf4870dn_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2DB02DD0-65A5-40F0-9813-A9E902848F97", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf4870dn:-:*:*:*:*:*:*:*", "matchCriteriaId": "5CA7BD27-9896-41FB-9A4E-31B4E2D8187A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:mf4890dw_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4690F73C-034F-4A71-869C-25251C560CA1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:mf4890dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F6C210A-329A-45CC-9165-77E37499E358", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:lbp113w_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7EED1C8C-FE7F-4327-A396-350286915C56", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:lbp113w:-:*:*:*:*:*:*:*", "matchCriteriaId": "1DF50F0A-0B4C-4B5C-A3D8-2B8DA5266CA6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:lbp151dw_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7D67B56-8066-4E9D-A475-B43DDC8BF694", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:lbp151dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "249B2617-22D5-4E83-9AF9-ABE3280D5330", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:lbp162dw_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1D24E91-A38D-4B1E-8DB5-490152835716", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:lbp162dw:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8006A58-6A22-44A4-873A-8C88998B3B4E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:ir2202n_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A44C8FA-98DB-454A-94CC-B9E9E40127CC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:ir2202n:-:*:*:*:*:*:*:*", "matchCriteriaId": "8ED79E0A-1A3E-4365-976D-457C7D928E40", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:ir2204n_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "389E9883-CCD6-44CC-B0DC-0550C6BD1046", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:ir2204n:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9513E67-D7B8-42EE-B9BF-6BE51EE47F3A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:ir2204f_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "BCB9E7D2-8506-4489-AD89-459F99FE7BE4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:ir2204f:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CB806C6-20B2-49C7-9D06-D25261CF1102", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:ir2206n_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EFD9B73D-59AA-4A54-B39B-6890D8752F56", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:ir2206n:-:*:*:*:*:*:*:*", "matchCriteriaId": "E891FD81-FE64-4D0F-873C-BE9E5BE21E69", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canon:ir2206if_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "AC77979C-E077-47E9-A2C3-39BB67AE22E8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:canon:ir2206if:-:*:*:*:*:*:*:*", "matchCriteriaId": "52EBE832-BA88-4C30-96FA-83DAA8B3FE98", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An issue was discovered on Canon MF237w 06.07 devices. An \"Improper Handling of Length Parameter Inconsistency\" issue in the IPv4/ICMPv4 component, when handling a packet sent by an unauthenticated network attacker, may expose Sensitive Information."}, {"lang": "es", "value": "Se detect\u00f3 un problema en los dispositivos Canon MF237w versi\u00f3n 06.07. Un problema de \"Improper Handling of Length Parameter Inconsistency\" en el componente IPv4/ICMPv4, cuando se maneja un paquete enviado por un atacante de red no autenticado, puede exponer informaci\u00f3n confidencial"}], "id": "CVE-2020-16849", "lastModified": "2020-12-04T17:38:01.333", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-30T22:15:10.777", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://blog.scadafence.com/vulnerability-report-cve-2020-16849"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.canon-europe.com/support/product-security/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}