CVE-2022-40306

The login form /Login in ECi Printanista Hub (formerly FMAudit Printscout) before 5.5.2 (July 2023) performs expensive RSA key-generation operations, which allows attackers to cause a denial of service (DoS) by requesting that form repeatedly.

CVSS v3 5.9 MEDIUM

5.9^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://releasenotes.printanista.net/PrintanistaHub
https://www.ecisolutions.com/products/printanista-hub/	Product Vendor Advisory
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-042.txt	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ecisolutions:printanista_managed_print_service:*:*:*:*:*:*:*:*

History

16 Oct 2024, 17:15

Type	Values Removed	Values Added
References		() https://releasenotes.printanista.net/PrintanistaHub -
Summary	(en) The login form /Login in ECi Printanista Hub (formerly FMAudit Printscout) through 2022-06-27 performs expensive RSA key-generation operations, which allows attackers to cause a denial of service (DoS) by requesting that form repeatedly.	(en) The login form /Login in ECi Printanista Hub (formerly FMAudit Printscout) before 5.5.2 (July 2023) performs expensive RSA key-generation operations, which allows attackers to cause a denial of service (DoS) by requesting that form repeatedly.

08 Aug 2023, 14:22

Type	Values Removed	Values Added
CWE	~~CWE-400~~	NVD-CWE-Other

Information

Published : 2022-09-15 15:15

Updated : 2024-10-16 17:15

NVD link : CVE-2022-40306

Mitre link : CVE-2022-40306

CVE.ORG link : CVE-2022-40306

JSON object : View

Products Affected

ecisolutions

printanista_managed_print_service

CWE

NVD-CWE-Other

5.9 /10