Improper Privilege Management in PrinterOn Central Print Services (CPS) - CVE-2018-17210
Published: July 23, 2019
Vulnerability identifier: #VU19310
CSH Severity: Critical
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Red
CVE-ID: CVE-2018-17210
CWE-ID: CWE-269
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: PrinterOn
Affected software:
PrinterOn Central Print Services (CPS)
PrinterOn Central Print Services (CPS)
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass the session checks on the target application.
The vulnerability exists within the PrinterOn web application due to the core components that create and launch a print job do not perform complete verification of the session cookie that is supplied to them. A remote unprivileged users (guest) can call the core print job components directly via crafted HTTP GET and POST requests, bypass the session check and perform actions that would otherwise require the privileges of regular or administrative users within the application.
Vulnerable URLs:
- /cps/SelectPrinter
- /cps/servlet/StoreOptions
- /cps/iframe/Submit
- /cps/servlet/SubmitRequestServlet
How to mitigate CVE-2018-17210
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.