// For flags

CVE-2024-21824

 

Severity Score

5.3
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

Improper authentication vulnerability in exists in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. If this vulnerability is exploited, a network-adjacent user who can access the product may impersonate an administrative user. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

Existe una vulnerabilidad de autenticación incorrecta en varias impresoras y escáneres que implementan la administración basada en web proporcionada por BROTHER INDUSTRIES, LTD. Si se explota esta vulnerabilidad, un usuario adyacente a la red que pueda acceder al producto puede hacerse pasar por un usuario administrativo. En cuanto a los detalles de los nombres de productos, números de modelo y versiones afectados, consulte la información proporcionada por los respectivos proveedores que figuran en [Referencias].

*Credits: N/A
CVSS Scores
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-02-09 CVE Reserved
  • 2024-03-18 CVE Published
  • 2024-03-19 EPSS Updated
  • 2024-11-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-306: Missing Authentication for Critical Function
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
BROTHER INDUSTRIES, LTD.
Search vendor "BROTHER INDUSTRIES, LTD."
Multiple Printers And Scanners
Search vendor "BROTHER INDUSTRIES, LTD." for product "Multiple Printers And Scanners"
<=
Search vendor "BROTHER INDUSTRIES, LTD." for product "Multiple Printers And Scanners" and version " <= "
en
Affected
FUJIFILM Business Innovation Corp.
Search vendor "FUJIFILM Business Innovation Corp."
Multiple Printers And Scanners
Search vendor "FUJIFILM Business Innovation Corp." for product "Multiple Printers And Scanners"
<=
Search vendor "FUJIFILM Business Innovation Corp." for product "Multiple Printers And Scanners" and version " <= "
en
Affected
Toshiba Tec Corporation
Search vendor "Toshiba Tec Corporation"
Multiple Printers And Scanners
Search vendor "Toshiba Tec Corporation" for product "Multiple Printers And Scanners"
<=
Search vendor "Toshiba Tec Corporation" for product "Multiple Printers And Scanners" and version " <= "
en
Affected
RICOH COMPANY, LTD.
Search vendor "RICOH COMPANY, LTD."
Multiple Printers And Scanners
Search vendor "RICOH COMPANY, LTD." for product "Multiple Printers And Scanners"
<=
Search vendor "RICOH COMPANY, LTD." for product "Multiple Printers And Scanners" and version " <= "
en
Affected