CVE-2023-39143 Report - Details, Severity, & Advisories
Twingate Team
•
May 31, 2024
What is CVE-2023-39143?
CVE-2023-39143 is a critical vulnerability affecting PaperCut NG and PaperCut MF print management software on Windows systems, specifically those running versions prior to 22.1.3 with external device integration enabled. With a severity score of 9.8, it is crucial for organizations using the affected software to update to the latest version to mitigate the risk.
Who is impacted by CVE-2023-39143?
This critical vulnerability allows unauthenticated attackers to potentially read, delete, and upload arbitrary files, which could lead to remote code execution. It is important for organizations using the affected software to be aware of this issue and take necessary precautions.
What should I do if I’m affected?
If you're affected by the CVE-2023-39143 vulnerability, it's crucial to take action to protect your systems. Here's what you should do:
Upgrade to the latest PaperCut NG/MF version, 22.1.3, which contains patches for this vulnerability.
If upgrading isn't possible, configure an allowlist of device IP addresses permitted to communicate with the PaperCut server. Refer to the IP Address Allow-listing section of the PaperCut security best practices guide.
Stay informed about security updates and patch your systems as needed.
Is this in CISA’s Known Exploited Vulnerabilities Catalog?
The CVE-2023-39143 vulnerability, also known as PaperCut Path Traversal/File Upload RCE Vulnerability, is not listed in CISA's Known Exploited Vulnerabilities Catalog. It was disclosed on August 4, 2023, and affects PaperCut NG and PaperCut MF print management software on Windows systems prior to version 22.1.3.
Weakness Enumeration
The weakness enumeration for this vulnerability is categorized as CWE-22, which involves improper limitation of a pathname to a restricted directory, also known as 'Path Traversal'.
Learn More
For a comprehensive understanding of its description, severity, technical details, and known affected software configurations, refer to the NVD page or the sources listed below.
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
CVE-2023-39143 Report - Details, Severity, & Advisories
Twingate Team
•
May 31, 2024
What is CVE-2023-39143?
CVE-2023-39143 is a critical vulnerability affecting PaperCut NG and PaperCut MF print management software on Windows systems, specifically those running versions prior to 22.1.3 with external device integration enabled. With a severity score of 9.8, it is crucial for organizations using the affected software to update to the latest version to mitigate the risk.
Who is impacted by CVE-2023-39143?
This critical vulnerability allows unauthenticated attackers to potentially read, delete, and upload arbitrary files, which could lead to remote code execution. It is important for organizations using the affected software to be aware of this issue and take necessary precautions.
What should I do if I’m affected?
If you're affected by the CVE-2023-39143 vulnerability, it's crucial to take action to protect your systems. Here's what you should do:
Upgrade to the latest PaperCut NG/MF version, 22.1.3, which contains patches for this vulnerability.
If upgrading isn't possible, configure an allowlist of device IP addresses permitted to communicate with the PaperCut server. Refer to the IP Address Allow-listing section of the PaperCut security best practices guide.
Stay informed about security updates and patch your systems as needed.
Is this in CISA’s Known Exploited Vulnerabilities Catalog?
The CVE-2023-39143 vulnerability, also known as PaperCut Path Traversal/File Upload RCE Vulnerability, is not listed in CISA's Known Exploited Vulnerabilities Catalog. It was disclosed on August 4, 2023, and affects PaperCut NG and PaperCut MF print management software on Windows systems prior to version 22.1.3.
Weakness Enumeration
The weakness enumeration for this vulnerability is categorized as CWE-22, which involves improper limitation of a pathname to a restricted directory, also known as 'Path Traversal'.
Learn More
For a comprehensive understanding of its description, severity, technical details, and known affected software configurations, refer to the NVD page or the sources listed below.
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
CVE-2023-39143 Report - Details, Severity, & Advisories
Twingate Team
•
May 31, 2024
What is CVE-2023-39143?
CVE-2023-39143 is a critical vulnerability affecting PaperCut NG and PaperCut MF print management software on Windows systems, specifically those running versions prior to 22.1.3 with external device integration enabled. With a severity score of 9.8, it is crucial for organizations using the affected software to update to the latest version to mitigate the risk.
Who is impacted by CVE-2023-39143?
This critical vulnerability allows unauthenticated attackers to potentially read, delete, and upload arbitrary files, which could lead to remote code execution. It is important for organizations using the affected software to be aware of this issue and take necessary precautions.
What should I do if I’m affected?
If you're affected by the CVE-2023-39143 vulnerability, it's crucial to take action to protect your systems. Here's what you should do:
Upgrade to the latest PaperCut NG/MF version, 22.1.3, which contains patches for this vulnerability.
If upgrading isn't possible, configure an allowlist of device IP addresses permitted to communicate with the PaperCut server. Refer to the IP Address Allow-listing section of the PaperCut security best practices guide.
Stay informed about security updates and patch your systems as needed.
Is this in CISA’s Known Exploited Vulnerabilities Catalog?
The CVE-2023-39143 vulnerability, also known as PaperCut Path Traversal/File Upload RCE Vulnerability, is not listed in CISA's Known Exploited Vulnerabilities Catalog. It was disclosed on August 4, 2023, and affects PaperCut NG and PaperCut MF print management software on Windows systems prior to version 22.1.3.
Weakness Enumeration
The weakness enumeration for this vulnerability is categorized as CWE-22, which involves improper limitation of a pathname to a restricted directory, also known as 'Path Traversal'.
Learn More
For a comprehensive understanding of its description, severity, technical details, and known affected software configurations, refer to the NVD page or the sources listed below.
Solutions
Solutions
The VPN replacement your workforce will love.
Solutions