How severe is CVE-2024-47176?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2024-47176?

This is classified as CWE-1327, which is a common weakness in software security.

CVE-2024-47176 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.

Related Vulnerabilities

CVE-2024-36105

MEDIUM

CVSS:5.3(Medium)

dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. Prior to versions 1.6.15, 1.7.15, and 1.8.1, Binding to `INA...

CWE-13272024

CVE-2023-5398

MEDIUM

CVSS:5.9(Medium)

Server receiving a malformed message based on a list of IPs resulting in heap corruption causing a denial of service. See Honeywell Security Notification for recommendations on upgrading and versionin...

CWE-13272023

CVE-2023-41742

MEDIUM

CVSS:4.3(Medium)

Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30430, Acronis Cyber Protect 15 (Linux, m...

CWE-13272023

CVE-2022-29820

LOW

CVSS:3.5(Low)

In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible

CWE-13272022

CVE-2024-49382

LOW

CVSS:3.5(Low)

Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.

CWE-13272024

CVE-2024-49383

LOW

CVSS:3.5(Low)

Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.

CWE-13272024