Assigner | PaperCut |
Reserved | 2024-03-28 |
Published | 2024-05-14 |
Updated | 2024-05-14 |
Description
An arbitrary file deletion vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This vulnerability requires local login/console access to the PaperCut NG/MF server (eg: member of a domain admin group).
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H |
Problem types
CWE-59 Improper Link Resolution Before File Access ('Link Following')
Product status
Any version
References
https://www.papercut.com/kb/Main/security-bulletin-may-2024/