PaperCut MF/NG Improper Access Control Vulnerability

Added April 21, 2023 • Due May 12, 2023 • CVE-2023-27350

Overdue PaperCut / MF/NG Known Ransomware Use CWE-284

Description

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system.

Required Action

Apply updates per vendor instructions.

References

https://www.papercut.com/kb/Main/PO-1216-and-PO-1219
https://nvd.nist.gov/vuln/detail/CVE-2023-27350

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 5 months, 4 weeks ago