PaperCut NG Authentication Bypass (CVE-2023-27350)

critical Nessus Plugin ID 174747

Version 1.33

Nov 26, 2024, 10:00 AM

  • New

Plugin Feed: 202411261000

Version 1.32

Nov 22, 2024, 6:54 PM

  • Logic Changes (Fixed installation reporting)

Plugin Feed: 202411221854

Version 1.31

Nov 12, 2024, 8:29 PM

  • Logic Changes (Adding installs report)

Plugin Feed: 202411122029

Version 1.30

Oct 10, 2024, 11:57 PM

  • New

Plugin Feed: 202410102357

Version 1.27

Jul 31, 2024, 9:53 AM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C")

Plugin Feed: 202407310953

Version 1.24

Jul 17, 2024, 11:02 PM

  • Logic Changes

Plugin Feed: 202407172302

Version 1.22

May 20, 2024, 10:13 AM

  • Logic Changes

Plugin Feed: 202405201013

Version 1.19

Mar 19, 2024, 6:40 PM

  • Logic Changes (Improving logging to reduce disk space usage)

Plugin Feed: 202403191840

Version 1.16

Feb 9, 2024, 11:22 AM

  • New

Plugin Feed: 202402091122

Version 1.13

Sep 26, 2023, 8:16 PM

  • Logic Changes

Plugin Feed: 202309262016

Version 1.12

Aug 24, 2023, 4:26 PM

  • Exploit attributes ("Exploit framework core" set to "True")

Plugin Feed: 202308241626

Version 1.11

Jul 17, 2023, 5:15 PM

  • Logic Changes (Make torture_cgi library PCP clean and consolidate utf16_to_ascii())

Plugin Feed: 202307171715

Version 1.10

Jun 20, 2023, 9:07 PM

  • Logic Changes (Temporarily limit debug logging)

Plugin Feed: 202306202107

Version 1.8

Jun 8, 2023, 9:25 PM

  • Exploit attributes ("Exploit framework metasploit" set to "True")

Plugin Feed: 202306082125

Version 1.6

Jun 1, 2023, 5:27 AM

  • Logic Changes (Better logging)

Plugin Feed: 202306010527

Version 1.5

May 3, 2023, 7:12 PM

  • CVSS metrics ("CVSSv2 score" changed from 7.5 to 10.0. "CVSSv2 score" changed from 7.5 to 10.0. "CVSSv2 score" changed from 7.5 to 10.0. "CVSSv2 score" changed from 7.5 to 10.0. "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C")

Plugin Feed: 202305031912

Version 1.4

May 1, 2023, 9:07 PM

  • Detection (Make and use compatibility wrapper for running commands on scanner localhost to handle deprecation of pread().)

Plugin Feed: 202305012107

Version 1.2

Apr 26, 2023, 4:05 PM

  • CISA reference

Plugin Feed: 202304261605

Version 1.1

Apr 26, 2023, 2:08 PM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "True". "Exploit available" set to "True". "Exploit available" set to "True". "Exploitability ease" set to "Exploits are available". "Exploitability ease" set to "Exploits are available". "Exploitability ease" set to "Exploits are available". "Exploitability ease" set to "Exploits are available")

Plugin Feed: 202304261408

Version 1.0

Apr 25, 2023, 11:11 PM

  • New

Plugin Feed: 202304252311

* Changelogs are generally available for changes made after Nov 1, 2022