Home

CVE-2024-47176

Description

CUPS is a standards-based, open-source printing system, and cups-browsed contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. cups-browsed binds to INADDR_ANY:631, causing it to trust any packet from any source, and can cause the Get-Printer-Attributes IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.

Risk Information

Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS Score
Exploitation Probability
87.593

Associated Vulnerability

VulnerabilityOS Platform
OpenPrinting cups-browsed (USN-7042-1) cups-browsed_2.0.0-0ubuntu10.1_amd64.debLinux
OpenPrinting CUPS Filters (USN-7043-1) cups-browsed_1.27.4-1ubuntu0.3_amd64.debLinux
OpenPrinting CUPS Filters (USN-7043-1) cups-browsed_1.28.15-0ubuntu1.3_amd64.debLinux
OpenPrinting CUPS Filters (USN-7043-1) cups-filters_1.27.4-1ubuntu0.3_amd64.debLinux
OpenPrinting CUPS Filters (USN-7043-1) cups-filters_1.28.15-0ubuntu1.3_amd64.debLinux
(RHSA-2024:7346)Important: security update cups-filters-libs-debuginfo-1.28.7-17.el9_4.x86_64.rpmLinux
(RHSA-2024:7346)Important: security update cups-filters-libs-debuginfo-1.28.7-17.el9_4.i686.rpmLinux
(RHSA-2024:7346)Important: security update cups-filters-libs-1.28.7-17.el9_4.x86_64.rpmLinux
(RHSA-2024:7346)Important: security update cups-filters-libs-1.28.7-17.el9_4.i686.rpmLinux
(RHSA-2024:7346)Important: security update cups-filters-debugsource-1.28.7-17.el9_4.x86_64.rpmLinux
(RHSA-2024:7346)Important: security update cups-filters-debugsource-1.28.7-17.el9_4.i686.rpmLinux
(RHSA-2024:7346)Important: security update cups-filters-debuginfo-1.28.7-17.el9_4.x86_64.rpmLinux
(RHSA-2024:7346)Important: security update cups-filters-debuginfo-1.28.7-17.el9_4.i686.rpmLinux
(RHSA-2024:7346)Important: security update cups-filters-1.28.7-17.el9_4.x86_64.rpmLinux
cups-filters security update(DSA-5778-1) cups-browsed_1.28.17-3+deb12u1_amd64.debLinux
cups-filters security update(DSA-5778-1) cups-browsed_1.28.17-3+deb12u1_i386.debLinux
cups-filters security update(DSA-5778-1) libfontembed1_1.28.17-3+deb12u1_amd64.debLinux
cups-filters security update(DSA-5778-1) libfontembed-dev_1.28.17-3+deb12u1_i386.debLinux
cups-filters security update(DSA-5778-1) libfontembed-dev_1.28.17-3+deb12u1_amd64.debLinux
cups-filters security update(DSA-5778-1) libcupsfilters1_1.28.17-3+deb12u1_i386.debLinux
cups-filters security update(DSA-5778-1) libcupsfilters1_1.28.17-3+deb12u1_amd64.debLinux
cups-filters security update(DSA-5778-1) cups-filters_1.28.17-3+deb12u1_amd64.debLinux
cups-filters security update(DSA-5778-1) cups-filters_1.28.17-3+deb12u1_i386.debLinux
cups-filters security update(DSA-5778-1) cups-filters-core-drivers_1.28.17-3+deb12u1_amd64.debLinux
cups-filters security update(DSA-5778-1) cups-filters-core-drivers_1.28.17-3+deb12u1_i386.debLinux
cups-filters security update(DSA-5778-1) libcupsfilters-dev_1.28.17-3+deb12u1_i386.debLinux
cups-filters security update(DSA-5778-1) libcupsfilters-dev_1.28.17-3+deb12u1_amd64.debLinux
cups-filters security update(DSA-5778-1) libfontembed1_1.28.17-3+deb12u1_i386.debLinux
Cups-filters update (ELSA-2024-7346) cups-filters-1.28.7-17.0.1.el9_4.x86_64.rpmLinux
Cups-filters-libs update (ELSA-2024-7346) cups-filters-libs-1.28.7-17.0.1.el9_4.i686.rpmLinux
Cups-filters-libs update (ELSA-2024-7346) cups-filters-libs-1.28.7-17.0.1.el9_4.x86_64.rpmLinux
cups-filters security update (RLSA-2024:7346) cups-filters-libs-1.28.7-17.el9_4.x86_64.rpmLinux
cups-filters security update (RLSA-2024:7346) cups-filters-libs-1.28.7-17.el9_4.i686.rpmLinux
cups-filters security update (RLSA-2024:7346) cups-filters-1.28.7-17.el9_4.x86_64.rpmLinux
(RHSA-2024:7463)Important: security update cups-filters-libs-debuginfo-1.20.0-35.el8_10.x86_64.rpmLinux
(RHSA-2024:7463)Important: security update cups-filters-libs-debuginfo-1.20.0-35.el8_10.i686.rpmLinux
(RHSA-2024:7463)Important: security update cups-filters-libs-1.20.0-35.el8_10.x86_64.rpmLinux
(RHSA-2024:7463)Important: security update cups-filters-libs-1.20.0-35.el8_10.i686.rpmLinux
(RHSA-2024:7463)Important: security update cups-filters-debugsource-1.20.0-35.el8_10.x86_64.rpmLinux
(RHSA-2024:7463)Important: security update cups-filters-debugsource-1.20.0-35.el8_10.i686.rpmLinux
(RHSA-2024:7463)Important: security update cups-filters-debuginfo-1.20.0-35.el8_10.x86_64.rpmLinux
(RHSA-2024:7463)Important: security update cups-filters-debuginfo-1.20.0-35.el8_10.i686.rpmLinux
(RHSA-2024:7463)Important: security update cups-filters-1.20.0-35.el8_10.x86_64.rpmLinux
Cups-filters update (ELSA-2024-7463) cups-filters-1.20.0-35.0.1.el8_10.x86_64.rpmLinux
Cups-filters-libs update (ELSA-2024-7463) cups-filters-libs-1.20.0-35.0.1.el8_10.x86_64.rpmLinux
Cups-filters-libs update (ELSA-2024-7463) cups-filters-libs-1.20.0-35.0.1.el8_10.i686.rpmLinux
OpenPrinting cups-browsed (USN-7042-2) cups-browsed_2.0.0-0ubuntu10.2_amd64.debLinux
OpenPrinting CUPS Filters (USN-7043-4) cups-browsed_1.27.4-1ubuntu0.4_amd64.debLinux
OpenPrinting CUPS Filters (USN-7043-4) cups-browsed_1.28.15-0ubuntu1.4_amd64.debLinux
OpenPrinting CUPS Filters (USN-7043-4) cups-filters_1.27.4-1ubuntu0.4_amd64.debLinux
OpenPrinting CUPS Filters (USN-7043-4) cups-filters_1.28.15-0ubuntu1.4_amd64.debLinux
cups-filters Security Update (ALAS-2024-723) cups-filters-devel-1.28.16-3.amzn2023.0.3.x86_64.rpmLinux
cups-filters Security Update (ALAS-2024-723) cups-filters-1.28.16-3.amzn2023.0.3.x86_64.rpmLinux
cups-filters Security Update (ALAS-2024-723) cups-filters-libs-1.28.16-3.amzn2023.0.3.x86_64.rpmLinux
OpenPrinting cups-browsed (USN-7042-3) cups-browsed_2.0.1-0ubuntu2.1_amd64.debLinux
cups-filters security update (RLSA-2024:7463) cups-filters-libs-1.20.0-35.el8_10.x86_64.rpmLinux
cups-filters security update (RLSA-2024:7463) cups-filters-libs-1.20.0-35.el8_10.i686.rpmLinux
cups-filters security update (RLSA-2024:7463) cups-filters-1.20.0-35.el8_10.x86_64.rpmLinux
cups-filters Security Update (ALAS-2024-2656) cups-filters-libs-1.0.35-26.amzn2.0.1.i686.rpmLinux
cups-filters Security Update (ALAS-2024-2656) cups-filters-libs-1.0.35-26.amzn2.0.1.x86_64.rpmLinux
cups-filters Security Update (ALAS-2024-2656) cups-filters-devel-1.0.35-26.amzn2.0.1.x86_64.rpmLinux
cups-filters Security Update (ALAS-2024-2656) cups-filters-1.0.35-26.amzn2.0.1.x86_64.rpmLinux
Cups-filters-libs update (ELSA-2024-7553) cups-filters-libs-1.0.35-29.0.3.el7_9.x86_64.rpmLinux
Cups-filters-libs update (ELSA-2024-7553) cups-filters-libs-1.0.35-29.0.3.el7_9.i686.rpmLinux
Cups-filters update (ELSA-2024-7553) cups-filters-1.0.35-29.0.3.el7_9.x86_64.rpmLinux
Important: cups-filters security update cups-filters-1.20.0-35.el8_10.x86_64.rpmLinux
Important: cups-filters security update cups-filters-libs-1.20.0-35.el8_10.i686.rpmLinux
Important: cups-filters security update cups-filters-libs-1.20.0-35.el8_10.x86_64.rpmLinux
cups-filters Security Update (ALAS2-2024-2656) cups-filters-1.0.35-26.amzn2.0.1.x86_64.rpmLinux
cups-filters Security Update (ALAS2-2024-2656) cups-filters-devel-1.0.35-26.amzn2.0.1.x86_64.rpmLinux
cups-filters Security Update (ALAS2-2024-2656) cups-filters-libs-1.0.35-26.amzn2.0.1.x86_64.rpmLinux
cups-filters Security Update (ALAS2-2024-2656) cups-filters-libs-1.0.35-26.amzn2.0.1.i686.rpmLinux
cups-filters Security Update (ALAS2023-2024-723) cups-filters-1.28.16-3.amzn2023.0.3.x86_64.rpmLinux
cups-filters Security Update (ALAS2023-2024-723) cups-filters-devel-1.28.16-3.amzn2023.0.3.x86_64.rpmLinux
cups-filters Security Update (ALAS2023-2024-723) cups-filters-libs-1.28.16-3.amzn2023.0.3.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234