Description

Toshiba printers provide a web interface that loads a JavaScript file. The file contains insecure code vulnerable to XSS and is loaded inside all the web pages served by the printer. An attacker can steal the cookie of an admin user. For the affected products/models/versions, see the reference URL.

Classification

Assigner: ecc0f906-8666-484c-bcf8-c3b7520a72f0

CWE: CWE-79

Links
CPEs
  • toshiba printer

CVSS

CVSS version: 3.1
Base score: 6.1
Base severity: MEDIUM
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability score: 2.8
Impact score: 2.7

Can you explain the CVE description?

This CVE description concerns a vulnerability in Toshiba printers whose web interface loads a JavaScript file containing insecure code vulnerable to cross-site scripting (XSS). The vulnerability allows an attacker to steal the cookie of an admin user, potentially compromising sensitive information. The CVE identifier is CVE-2024-27162, and it has a CVSS (Common Vulnerability Scoring System) score of 6.1, indicating medium severity. The affected products, models, and versions are listed in the reference URLs provided. The vulnerability was published on June 14, 2024, and is currently in the EARLY_WARNING status. The associated CWE (Common Weakness Enumeration) is CWE-79. The CVSS vector records the attack vector, attack complexity, privileges required, user interaction, scope, and impact of the vulnerability. The exploitability score is 2.8 and the impact score is 2.7. The links provided in the description can be used for further information on this vulnerability.

How can this vulnerability be part of an attack tree?

This vulnerability can be part of an attack tree by allowing an attacker to exploit the XSS vulnerability in the JavaScript file loaded by the Toshiba printers' web interface. The attacker could craft a malicious script that steals the cookie of an admin user accessing the printer's web interface. With the stolen cookie, the attacker could then impersonate the admin user, gaining unauthorized access to sensitive information or performing malicious actions on the printer or network. The attack tree could include steps such as identifying the vulnerable Toshiba printers, crafting the malicious script, injecting it into the web interface, stealing the admin user's cookie, and using it to carry out further attacks.


Generated on: 2024-07-05