CVE-2018-5409 Vulnerability Details

  /     /     /  

CVE-2018-5409 Metadata Quick Info

CVE Published: 08/05/2019 | CVE Updated: 05/08/2024 | CVE Year: 2018
Source: certcc | Vendor: PrinterLogic | Product: Management Software
Status : PUBLISHED

---

CVE-2018-5409 Description

The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and executes the code without sufficiently verifying the origin and integrity of the code. An attacker can execute malicious code by compromising the host server, performing DNS spoofing, or modifying the code in transit.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-494
CWE Name: CWE-494 Download of Code Without Integrity Check
Source: PrinterLogic

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).