SB2019072009 - Improper Privilege Management in PrinterOn Central Print Services (CPS)

Published: July 20, 2019 Updated: July 23, 2019

Security Bulletin ID: SB2019072009
CSH Severity: Critical
Patch available: NO
Number of vulnerabilities: 1
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

Critical: 100%

Description

This security bulletin contains information about 1 vulnerability.


1) Improper Privilege Management (CVE-ID: CVE-2018-17210)

The vulnerability allows a remote attacker to bypass the session checks on the target application.

The vulnerability exists in the PrinterOn web application because the core components that create and launch a print job do not perform complete verification of the session cookie supplied to them. A remote unprivileged user (guest) can call the core print job components directly via crafted HTTP GET and POST requests, bypass the session check, and perform actions that would otherwise require the privileges of regular or administrative users within the application.

Vulnerable URLs:
  • /cps/SelectPrinter
  • /cps/servlet/StoreOptions
  • /cps/iframe/Submit
  • /cps/servlet/SubmitRequestServlet
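As an added illustration of the flaw class described above (not PrinterOn's code), the following model contrasts an incomplete session check that only tests for the presence of a cookie with a complete one that resolves the cookie to a live server-side session and enforces the role the endpoint requires. The endpoint paths are taken from the bulletin; the role model, session table and the "user" role requirement per endpoint are assumptions.

```python
import time
from dataclasses import dataclass

# Assumed role ordering (guest < user < admin); not PrinterOn's real model.
ROLE_RANK = {"guest": 0, "user": 1, "admin": 2}


@dataclass
class Session:
    user: str
    role: str
    expires: float


# Endpoints listed in the bulletin; the minimum role for each is an assumption.
REQUIRED_ROLE = {
    "/cps/SelectPrinter": "user",
    "/cps/servlet/StoreOptions": "user",
    "/cps/iframe/Submit": "user",
    "/cps/servlet/SubmitRequestServlet": "user",
}

# Constructed in-memory session table keyed by cookie value.
SESSIONS = {
    "guest-cookie": Session("guest", "guest", time.time() + 3600),
    "user-cookie": Session("alice", "user", time.time() + 3600),
    "stale-cookie": Session("bob", "user", time.time() - 1),
}


def weak_check(path, cookie):
    """Incomplete verification: only asks whether *some* session cookie was sent.
    A guest session (or any forged value) satisfies it, which is the flaw class
    the bulletin describes."""
    return path in REQUIRED_ROLE and cookie is not None


def complete_check(path, cookie, now=None):
    """Complete verification: the cookie must map to a live server-side session,
    and that session's role must meet the endpoint's requirement."""
    now = time.time() if now is None else now
    if path not in REQUIRED_ROLE:
        return False                       # unknown endpoint: deny by default
    session = SESSIONS.get(cookie)         # unknown or forged cookie -> None
    if session is None or session.expires <= now:
        return False                       # no session, or an expired one
    return ROLE_RANK[session.role] >= ROLE_RANK[REQUIRED_ROLE[path]]
```

The key point is that presence of a cookie proves nothing; the component that actually performs the privileged action must itself resolve and authorize the session rather than trust that an earlier page did so.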

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.