All vulnerabilities
CVE-2023-27350 Known ransomware use
PaperCut MF/NG Improper Access Control Vulnerability
PaperCut — MF/NG
- Added to KEV catalog
- 21 April 2023
- Federal remediation due date
- 12 May 2023
- Weakness classification (CWE)
- CWE-284
CISA Description
PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system.
Required action
Apply updates per vendor instructions.
Notes
https://www.papercut.com/kb/Main/PO-1216-and-PO-1219; https://nvd.nist.gov/vuln/detail/CVE-2023-27350
More PaperCut Vulnerabilities
Confirm Your Exposure
Is this vulnerability present in your environment?
CRS delivers independent VAPT assessments that identify exactly which known-exploited vulnerabilities exist in your network, applications, and infrastructure.
Explore VAPT Services