4.9
CVE-2019-18628
- EPSS 0.17%
- Published 04.03.2021 07:15:13
- Last modified 21.11.2024 04:33:24
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow a user with administrative privileges to turn off data encryption on the device, thus leaving it open to potential cryptographic information disclosure.
Data is provided by the National Vulnerability Database (NVD)
Xerox ≫ Altalink B8045 Firmware Version < 103.008.010.14010
Xerox ≫ Altalink B8055 Firmware Version < 103.008.010.14010
Xerox ≫ Altalink B8065 Firmware Version < 103.008.010.14010
Xerox ≫ Altalink B8075 Firmware Version < 103.008.010.14010
Xerox ≫ Altalink B8090 Firmware Version < 103.008.010.14010
Xerox ≫ Altalink C8030 Firmware Version < 103.001.010.14010
Xerox ≫ Altalink C8035 Firmware Version < 103.001.010.14010
Xerox ≫ Altalink C8045 Firmware Version < 103.002.010.14010
Xerox ≫ Altalink C8055 Firmware Version < 103.002.010.14010
Xerox ≫ Altalink C8070 Firmware Version < 103.003.010.14010
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.352 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4.9 | 1.2 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|