7.5
CVE-2019-18630
- EPSS 0.19%
- Veröffentlicht 04.03.2021 23:15:12
- Zuletzt bearbeitet 21.11.2024 04:33:24
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
On Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200, portions of the drive containing executable code were not encrypted thus leaving it open to potential cryptographic information disclosure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Xerox ≫ Altalink B8045 Firmware Version < 103.008.010.14010
Xerox ≫ Altalink B8055 Firmware Version < 103.008.010.14010
Xerox ≫ Altalink B8065 Firmware Version < 103.008.010.14010
Xerox ≫ Altalink B8075 Firmware Version < 103.008.010.14010
Xerox ≫ Altalink B8090 Firmware Version < 103.008.010.14010
Xerox ≫ Altalink C8030 Firmware Version < 103.001.010.14010
Xerox ≫ Altalink C8035 Firmware Version < 103.001.010.14010
Xerox ≫ Altalink C8045 Firmware Version < 103.002.010.14010
Xerox ≫ Altalink C8055 Firmware Version < 103.002.010.14010
Xerox ≫ Altalink C8070 Firmware Version < 103.003.010.14010
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.374 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-312 Cleartext Storage of Sensitive Information
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.