CVE-2024-1222

This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small subset of PaperCut NG/MF API calls.
Configurations

No configuration.

History

26 Sep 2024, 04:15

Type Values Removed Values Added
CWE CWE-200 CWE-250
Summary
  • (es) Esto permite a los atacantes utilizar una solicitud de API formada de forma maliciosa para obtener acceso a un nivel de autorización de API con privilegios elevados. Esto se aplica a un pequeño subconjunto de llamadas API de PaperCut NG/MF.
Summary (en) This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small subset of PaperCut NG/MF API calls. (en) This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small subset of PaperCut NG/MF API calls.

14 Mar 2024, 03:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-03-14 03:15

Updated : 2024-09-26 04:15


NVD link : CVE-2024-1222

Mitre link : CVE-2024-1222

CVE.ORG link : CVE-2024-1222


JSON object : View

Products Affected

No product.

CWE
CWE-250

Execution with Unnecessary Privileges