PT-2017-19086 · Pdq Manufacturing · Laserwash G5 S+9
Billy Rios
+2
·
Published
2017-08-07
·
Updated
2019-10-09
·
CVE-2017-9630
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
PDQ Manufacturing LaserWash G5 and G5 S Series versions all
PDQ Manufacturing LaserWash M5 versions all
PDQ Manufacturing LaserWash 360 and 360 Plus versions all
PDQ Manufacturing LaserWash AutoXpress and AutoExpress Plus versions all
PDQ Manufacturing LaserJet versions all
PDQ Manufacturing ProTouch Tandem versions all
PDQ Manufacturing ProTouch ICON versions all
PDQ Manufacturing ProTouch AutoGloss versions all
Description
An issue was discovered where the web server does not properly verify that provided authentication information is correct, leading to an improper authentication problem.
Recommendations
For all versions of the affected products, ensure proper authentication mechanisms are in place to verify the correctness of provided authentication information.
As a temporary workaround, consider restricting access to the web server until a proper fix is implemented.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Laserjet
Laserwash 360
Laserwash 360 Plus
Laserwash Autoexpress Plus
Laserwash Autoxpress
Laserwash G5 S
Laserwash M5
Protouch Autogloss
Protouch Icon
Protouch Tandem