Description

The login form /Login in ECi Printanista Hub (formerly FMAudit Printscout) before 5.5.2 (July 2023) performs expensive RSA key-generation operations, which allows attackers to cause a denial of service (DoS) by requesting that form repeatedly.

Related CPE's

a

ecisolutions

printanista_managed_print_service

Vulnerable

References

https://releasenotes.printanista.net/PrintanistaHub

https://www.ecisolutions.com/products/printanista-hub/

ProductVendor Advisory

https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-042.txt

ExploitThird Party Advisory

https://www.ecisolutions.com/products/printanista-hub/

ProductVendor Advisory

https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-042.txt

ExploitThird Party Advisory

Weaknesses

[email protected]

Primary
NVD-CWE-Other

CVSS impact metrics

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.9 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-09-15T13:15:10.450Z

3 years ago

Last modified

2024-11-21T06:21:16.663Z

1 year ago