CVE-2023-6006

This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must be able to write into the local C Drive. In addition, the attacker must have admin privileges to enable Print Archiving or encounter a misconfigured system. This vulnerability does not apply to PaperCut NG installs that have Print Archiving enabled and configured as per the recommended set up procedure. This specific flaw exists within the pc-pdl-to-image process. The process loads an executable from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM

CVSS v3 6.7 MEDIUM

6.7^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.papercut.com/kb/Main/CommonSecurityQuestions/	Vendor Advisory
https://www.papercut.com/kb/Main/Security-Bulletin-November-2023/	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

OR	cpe:2.3:a:papercut:papercut_mf::::::::
	cpe:2.3:a:papercut:papercut_ng::::::::

History

No history.

Information

Published : 2023-11-14 04:15

Updated : 2023-11-21 16:12

NVD link : CVE-2023-6006

Mitre link : CVE-2023-6006

CVE.ORG link : CVE-2023-6006

JSON object : View

Products Affected

papercut

papercut_ng
papercut_mf

microsoft

windows

CWE

NVD-CWE-noinfo CWE-269

Improper Privilege Management

{"id": "CVE-2023-6006", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}, {"type": "Secondary", "source": "eb41dac7-0af8-4f84-9f6d-0272772514f4", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.5}]}, "published": "2023-11-14T04:15:07.850", "references": [{"url": "https://www.papercut.com/kb/Main/CommonSecurityQuestions/", "tags": ["Vendor Advisory"], "source": "eb41dac7-0af8-4f84-9f6d-0272772514f4"}, {"url": "https://www.papercut.com/kb/Main/Security-Bulletin-November-2023/", "tags": ["Vendor Advisory"], "source": "eb41dac7-0af8-4f84-9f6d-0272772514f4"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "eb41dac7-0af8-4f84-9f6d-0272772514f4", "description": [{"lang": "en", "value": "CWE-269"}]}], "descriptions": [{"lang": "en", "value": "This vulnerability potentially allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must be able to write into the local C Drive. In addition, the attacker must have admin privileges to enable Print Archiving or encounter a misconfigured system. This vulnerability does not apply to PaperCut NG installs that have Print Archiving enabled and configured as per the recommended set up procedure. This specific flaw exists within the pc-pdl-to-image process. The process loads an executable from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM"}, {"lang": "es", "value": "Esta vulnerabilidad permite a atacantes locales escalar privilegios en las instalaciones afectadas de PaperCut NG. Un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con pocos privilegios en el sistema de destino para poder aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro del proceso pc-pdl-to-image. El proceso carga un ejecutable desde una ubicaci\u00f3n no segura. Un atacante puede aprovechar esta vulnerabilidad para escalar privilegios y ejecutar c\u00f3digo arbitrario en el contexto de SYSTEM."}], "lastModified": "2023-11-21T16:12:34.167", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C90A3C1C-5F05-4FA3-89D6-8A6D0A17664B", "versionEndExcluding": "23.0.1"}, {"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D754F687-4EFB-4B04-96CE-C78C30B527FB", "versionEndExcluding": "23.0.1"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "eb41dac7-0af8-4f84-9f6d-0272772514f4"}