CVE-2013-4613
Summary
| CVE | CVE-2013-4613 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2013-06-21 21:55:00 UTC |
| Updated | 2013-06-24 22:28:00 UTC |
| Description | The default configuration of the administrative interface on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers does not require authentication, which allows remote attackers to modify the configuration by visiting the Advanced page. NOTE: the vendor has apparently responded by stating "for user convenience, the default setting does not require a password. However, if a user has a particular concern about third parties accessing the user's home printer, the default setting can be changed to add a password." |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Canon | Mg3100 Printer | - | All | All | All |
| Hardware | Canon | Mg3100 Printer | - | All | All | All |
| Hardware | Canon | Mg5300 Printer | - | All | All | All |
| Hardware | Canon | Mg5300 Printer | - | All | All | All |
| Hardware | Canon | Mg6100 Printer | - | All | All | All |
| Hardware | Canon | Mg6100 Printer | - | All | All | All |
| Hardware | Canon | Mp340 Printer | - | All | All | All |
| Hardware | Canon | Mp340 Printer | - | All | All | All |
| Hardware | Canon | Mp495 Printer | - | All | All | All |
| Hardware | Canon | Mp495 Printer | - | All | All | All |
| Hardware | Canon | Mx870 Printer | - | All | All | All |
| Hardware | Canon | Mx870 Printer | - | All | All | All |
| Hardware | Canon | Mx890 Printer | - | All | All | All |
| Hardware | Canon | Mx890 Printer | - | All | All | All |
| Hardware | Canon | Mx920 Printer | - | All | All | All |
| Hardware | Canon | Mx920 Printer | - | All | All | All |
| Hardware | Canon | Mx922 Printer | - | All | All | All |
| Hardware | Canon | Mx922 Printer | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Canon, Y U NO Security? - MattAndreko.com | MISC | www.mattandreko.com | |
| 20130618 Canon Wireless Printer Disclosure & DoS | FULLDISC | archives.neohapsis.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.