Risk | Low |
Patch available | YES |
Number of vulnerabilities | 4 |
CVE-ID | CVE-2024-3037, CVE-2024-4712, CVE-2024-8405, CVE-2024-8404 |
CWE-ID | CWE-284 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software | PaperCut NG (Other software / Other software solutions), PaperCut MF (Other software / Other software solutions) |
Vendor | PaperCut Software |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
EUVDB-ID: #VU92182
Risk: Low
CVSSv3.1: 2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-3037
CWE-ID: CWE-284 - Improper Access Control
Exploit availability: No
Description
The vulnerability allows a local user to delete arbitrary files.
The vulnerability exists due to improper access restrictions. A local user who is a member of a domain admin group can delete arbitrary files on the system.
The vulnerability affects Windows servers with Web Print enabled.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
PaperCut NG: 20.0.1 - 23.0.8
PaperCut MF: 20.0.1 - 23.0.8
http://www.papercut.com/kb/Main/security-bulletin-may-2024/
http://www.zerodayinitiative.com/advisories/ZDI-24-1039/
http://www.zerodayinitiative.com/advisories/ZDI-24-1038/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92183
Risk: Low
CVSSv3.1: 2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-4712
CWE-ID: CWE-284 - Improper Access Control
Exploit availability: No
Description
The vulnerability allows a local user to create arbitrary files.
The vulnerability exists due to improper access restrictions. A local user who is a member of a domain admin group can create arbitrary files on the system in specific locations used by the Web Print service.
The vulnerability affects Windows servers with Web Print enabled.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
PaperCut NG: 20.0.1 - 23.0.8
PaperCut MF: 20.0.1 - 23.0.8
http://www.papercut.com/kb/Main/security-bulletin-may-2024/
http://www.zerodayinitiative.com/advisories/ZDI-24-1155/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97974
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-8405
CWE-ID: CWE-284 - Improper Access Control
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper access restrictions. A local user who is a member of a domain admin group can create arbitrary files on the system in specific locations used by the Web Print service and perform a denial of service (DoS) attack.
The vulnerability affects Windows servers with Web Print enabled.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
PaperCut NG: 20.0.1 - 23.0.8
PaperCut MF: 20.0.1 - 23.0.8
http://www.papercut.com/kb/Main/security-bulletin-may-2024/
http://www.zerodayinitiative.com/advisories/ZDI-24-1314/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97973
Risk: Low
CVSSv3.1: 2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-8404
CWE-ID: CWE-284 - Improper Access Control
Exploit availability: No
Description
The vulnerability allows a local user to delete arbitrary files.
The vulnerability exists due to improper access restrictions. A local user who is a member of a domain admin group can delete arbitrary files on the system via the web-print-hot-folder.
The vulnerability affects Windows servers with Web Print enabled.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
PaperCut NG: 20.0.1 - 23.0.8
PaperCut MF: 20.0.1 - 23.0.8
http://www.papercut.com/kb/Main/security-bulletin-may-2024/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.