Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2010-1558

Summary
Assigner-hp
Assigner Org ID-74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At-14 May, 2010 | 19:24
Updated At-07 Aug, 2024 | 01:28
Rejected At-
Credits

Unspecified vulnerability in HP Multifunction Peripheral (MFP) Digital Sending Software before 4.18.3 allows local users to bypass intended restrictions on the MFP "Send to e-mail" feature, and obtain sensitive information, via unknown vectors.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:hp
Assigner Org ID:74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At:14 May, 2010 | 19:24
Updated At:07 Aug, 2024 | 01:28
Rejected At:
▼CVE Numbering Authority (CNA)

Unspecified vulnerability in HP Multifunction Peripheral (MFP) Digital Sending Software before 4.18.3 allows local users to bypass intended restrictions on the MFP "Send to e-mail" feature, and obtain sensitive information, via unknown vectors.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/58618
vdb-entry
x_refsource_XF
http://marc.info/?l=bugtraq&m=127376308013422&w=2
vendor-advisory
x_refsource_HP
http://osvdb.org/64661
vdb-entry
x_refsource_OSVDB
http://www.securityfocus.com/bid/40147
vdb-entry
x_refsource_BID
http://marc.info/?l=bugtraq&m=127376308013422&w=2
vendor-advisory
x_refsource_HP
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/58618
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://marc.info/?l=bugtraq&m=127376308013422&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://osvdb.org/64661
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.securityfocus.com/bid/40147
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://marc.info/?l=bugtraq&m=127376308013422&w=2
Resource:
vendor-advisory
x_refsource_HP
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/58618
vdb-entry
x_refsource_XF
x_transferred
http://marc.info/?l=bugtraq&m=127376308013422&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://osvdb.org/64661
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.securityfocus.com/bid/40147
vdb-entry
x_refsource_BID
x_transferred
http://marc.info/?l=bugtraq&m=127376308013422&w=2
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/58618
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=127376308013422&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://osvdb.org/64661
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.securityfocus.com/bid/40147
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=127376308013422&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:hp-security-alert@hp.com
Published At:14 May, 2010 | 19:30
Updated At:11 Apr, 2025 | 00:51

Unspecified vulnerability in HP Multifunction Peripheral (MFP) Digital Sending Software before 4.18.3 allows local users to bypass intended restrictions on the MFP "Send to e-mail" feature, and obtain sensitive information, via unknown vectors.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.7MEDIUM
AV:L/AC:M/Au:N/C:C/I:N/A:N
Type: Primary
Version: 2.0
Base score: 4.7
Base severity: MEDIUM
Vector:
AV:L/AC:M/Au:N/C:C/I:N/A:N
CPE Matches
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>Versions up to 4.18.2(inclusive)
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:*:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.00
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.00:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.02
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.02:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.03
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.03:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.04
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.04:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.05
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.05:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.06
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.06:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.07
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.07:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.08
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.08:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.09
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.09:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.10
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.10:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.11
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.11:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.12
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.12:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.13
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.13:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.14
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.14:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.15
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.15:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.16
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.16:*:*:*:*:*:*:*
HP Inc.
hp
>>multifunction_peripheral_digital_sending_software>>4.17
cpe:2.3:a:hp:multifunction_peripheral_digital_sending_software:4.17:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows>>*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://marc.info/?l=bugtraq&m=127376308013422&w=2hp-security-alert@hp.com
Vendor Advisory
http://marc.info/?l=bugtraq&m=127376308013422&w=2hp-security-alert@hp.com
Vendor Advisory
http://osvdb.org/64661hp-security-alert@hp.com
N/A
http://www.securityfocus.com/bid/40147hp-security-alert@hp.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/58618hp-security-alert@hp.com
N/A
http://marc.info/?l=bugtraq&m=127376308013422&w=2af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://marc.info/?l=bugtraq&m=127376308013422&w=2af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://osvdb.org/64661af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/40147af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/58618af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://marc.info/?l=bugtraq&m=127376308013422&w=2
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory
Hyperlink: http://marc.info/?l=bugtraq&m=127376308013422&w=2
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory
Hyperlink: http://osvdb.org/64661
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/40147
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/58618
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=127376308013422&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://marc.info/?l=bugtraq&m=127376308013422&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://osvdb.org/64661
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/40147
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/58618
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

8Records found
CVE-2011-0030
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.36% / 57.11%
||
7 Day CHG~0.00%
Published-09 Feb, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly kill processes after a logout, which allows local users to obtain sensitive information or gain privileges via a crafted application that continues to execute throughout the logout of one user and the login session of the next user, aka "CSRSS Elevation of Privilege Vulnerability," a different vulnerability than CVE-2010-0023.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_xpwindows_2003_servern/a
CVE-2017-11831
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-4.7||MEDIUM
EPSS-1.20% / 78.09%
||
7 Day CHG~0.00%
Published-15 Nov, 2017 | 03:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log on to an affected system, and run a specially crafted application that can compromise the user's system due to how the Windows kernel initializes memory, aka "Windows Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11880.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_7windows_server_2012windows_serverwindows_server_2016windows_8.1windows_rt_8.1windows_10Windows kernel
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2022-21845
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.88% / 74.34%
||
7 Day CHG~0.00%
Published-12 Jul, 2022 | 22:36
Updated-08 Jul, 2025 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Information Disclosure Vulnerability

Windows Kernel Information Disclosure Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_11windows_10windows_server_2022windows_server_2019windows_server_2008Windows Server 2016 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows 10 Version 1507Windows 10 Version 1607Windows 10 Version 20H2Windows Server 2012 R2 (Server Core installation)Windows Server 2012Windows 8.1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 21H2Windows Server version 20H2Windows Server 2019Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows Server 2016Windows 7Windows 11 version 21H2Windows 7 Service Pack 1Windows 10 Version 21H1
CVE-2022-1794
Matching Score-8
Assigner-CERT@VDE
ShareView Details
Matching Score-8
Assigner-CERT@VDE
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.55%
||
7 Day CHG~0.00%
Published-11 Jul, 2022 | 10:40
Updated-16 Sep, 2024 | 20:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Plaintext Storage of a password in CODESYS V3 OPC DA Server

The CODESYS OPC DA Server prior V3.5.18.20 stores PLC passwords as plain text in its configuration file so that it is visible to all authorized Microsoft Windows users of the system.

Action-Not Available
Vendor-CODESYS GmbHMicrosoft Corporation
Product-windowsopc_da_serverCODESYS OPC DA Server
CWE ID-CWE-256
Plaintext Storage of a Password
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-30212
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.31% / 53.81%
||
7 Day CHG~0.00%
Published-12 Jul, 2022 | 22:37
Updated-08 Jul, 2025 | 15:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Connected Devices Platform Service Information Disclosure Vulnerability

Windows Connected Devices Platform Service Information Disclosure Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_11windows_10windows_server_2022windows_server_2019Windows Server 2022Windows 10 Version 21H2Windows Server 2019 (Server Core installation)Windows Server version 20H2Windows Server 2019Windows 10 Version 1809Windows 10 Version 20H2Windows 11 version 21H2Windows 10 Version 21H1
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2022-29116
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.35% / 56.93%
||
7 Day CHG~0.00%
Published-10 May, 2022 | 20:34
Updated-02 Jan, 2025 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Information Disclosure Vulnerability

Windows Kernel Information Disclosure Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11Windows 11 version 21H2
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2015-2453
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-4.7||MEDIUM
EPSS-5.45% / 89.80%
||
7 Day CHG~0.00%
Published-15 Aug, 2015 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information via a crafted application that continues to execute during a subsequent user's login session, aka "Windows CSRSS Elevation of Privilege Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_rtwindows_7windows_8windows_server_2008windows_rt_8.1windows_vistawindows_server_2012windows_8.1windows_10n/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-0888
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.6||MEDIUM
EPSS-1.02% / 76.34%
||
7 Day CHG~0.00%
Published-14 Mar, 2018 | 17:00
Updated-16 Sep, 2024 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how guest operating system input is validated, aka "Hyper-V Information Disclosure Vulnerability".

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_serverwindows_server_2016windows_server_2012windows_8.1windows_7windows_10windows_server_2008Hyper-V Network SwitchHyper-V Network Switch
CWE ID-CWE-20
Improper Input Validation
Details not found