CVE-2014-8742

HIGH

Lexmark MarkVision Enterprise <2.1 - Path Traversal

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in the ReportDownloadServlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to read arbitrary files via unspecified vectors.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-14-411/
Not Applicable x_refsource_confirm
http://support.lexmark.com/index?page=content&id=TE666

Scores

CVSS v3 7.5
EPSS 0.0437
EPSS Percentile 90.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-22
Status published
Products (1)
lexmark/markvision_enterprise < 2.1
Published Jan 27, 2020
Tracked Since Feb 18, 2026