9.8

CVE-2021-28671

EPSS 1.58%
Published 29.03.2021 21:15:13
Last modified 21.11.2024 06:00:04
Source cve@mitre.org
Teams watchlist Login
Open Login

Xerox Phaser 6510 before 64.65.51 and 64.59.11 (Bridge), WorkCentre 6515 before 65.65.51 and 65.59.11 (Bridge), VersaLink B400 before 37.65.51 and 37.59.01 (Bridge), B405 before 38.65.51 and 38.59.01 (Bridge), B600/B610 before 32.65.51 and 32.59.01 (Bridge), B605/B615 before 33.65.51 and 33.59.01 (Bridge), B7025/30/35 before 58.65.51 and 58.59.11 (Bridge), C400 before 67.65.51 and 67.59.01 (Bridge), C405 before 68.65.51 and 68.59.01 (Bridge), C500/C600 before 61.65.51 and 61.59.01 (Bridge), C505/C605 before 62.65.51 and 62.59.01 (Bridge), C7000 before 56.65.51 and 56.59.01 (Bridge), C7020/25/30 before 57.65.51 and 57.59.01 (Bridge), C8000/C9000 before 70.65.51 and 70.59.01 (Bridge), C8000W before 72.65.51 have a remote Command Execution vulnerability in the Web User Interface that allows remote attackers with "a weaponized clone file" to execute arbitrary commands.

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Xerox ≫ Phaser 6510 Firmware Version < 64.59.11

Xerox ≫ Phaser 6510 Version-

Xerox ≫ Workcentre 6515 Firmware Version < 65.59.11

Xerox ≫ Workcentre 6515 Version-

Xerox ≫ Versalink B400 Firmware Version < 37.59.01

Xerox ≫ Versalink B400 Version-

Xerox ≫ Versalink B405 Firmware Version < 38.59.01

Xerox ≫ Versalink B405 Version-

Xerox ≫ Versalink B600 Firmware Version < 32.59.01

Xerox ≫ Versalink B600 Version-

Xerox ≫ Versalink B610 Firmware Version < 32.59.01

Xerox ≫ Versalink B610 Version-

Xerox ≫ Versalink B605 Firmware Version < 33.59.01

Xerox ≫ Versalink B605 Version-

Xerox ≫ Versalink B615 Firmware Version < 33.59.01

Xerox ≫ Versalink B615 Version-

Xerox ≫ Versalink B7025 Firmware Version < 58.59.11

Xerox ≫ Versalink B7025 Version-

Xerox ≫ Versalink B7030 Firmware Version < 58.59.11

Xerox ≫ Versalink B7030 Version-

Xerox ≫ Versalink B7035 Firmware Version < 58.59.11

Xerox ≫ Versalink B7035 Version-

Xerox ≫ Versalink C400 Firmware Version < 67.59.01

Xerox ≫ Versalink C400 Version-

Xerox ≫ Versalink C405 Firmware Version < 68.59.01

Xerox ≫ Versalink C405 Version-

Xerox ≫ Versalink C500 Firmware Version < 61.59.01

Xerox ≫ Versalink C500 Version-

Xerox ≫ Versalink C600 Firmware Version < 61.59.01

Xerox ≫ Versalink C600 Version-

Xerox ≫ Versalink C505 Firmware Version < 62.59.01

Xerox ≫ Versalink C505 Version-

Xerox ≫ Versalink C605 Firmware Version < 62.59.01

Xerox ≫ Versalink C605 Version-

Xerox ≫ Versalink C7000 Firmware Version < 56.59.01

Xerox ≫ Versalink C7000 Version-

Xerox ≫ Versalink C7020 Firmware Version < 57.59.01

Xerox ≫ Versalink C7020 Version-

Xerox ≫ Versalink C7025 Firmware Version < 57.59.01

Xerox ≫ Versalink C7025 Version-

Xerox ≫ Versalink C7030 Firmware Version < 57.59.01

Xerox ≫ Versalink C7030 Version-

Xerox ≫ Versalink C8000 Firmware Version < 70.59.01

Xerox ≫ Versalink C8000 Version-

Xerox ≫ Versalink C9000 Firmware Version < 70.59.01

Xerox ≫ Versalink C9000 Version-

Xerox ≫ Phaser 6510 Firmware Version < 64.65.51

Xerox ≫ Phaser 6510 Version-

Xerox ≫ Workcentre 6515 Firmware Version < 65.65.51

Xerox ≫ Workcentre 6515 Version-

Xerox ≫ Versalink B400 Firmware Version < 37.65.51

Xerox ≫ Versalink B400 Version-

Xerox ≫ Versalink B405 Firmware Version < 38.65.51

Xerox ≫ Versalink B405 Version-

Xerox ≫ Versalink B610 Firmware Version < 32.65.51

Xerox ≫ Versalink B610 Version-

Xerox ≫ Versalink B605 Firmware Version < 33.65.51

Xerox ≫ Versalink B605 Version-

Xerox ≫ Versalink B615 Firmware Version < 33.65.51

Xerox ≫ Versalink B615 Version-

Xerox ≫ Versalink B7025 Firmware Version < 58.65.51

Xerox ≫ Versalink B7025 Version-

Xerox ≫ Versalink C400 Firmware Version < 67.65.51

Xerox ≫ Versalink C400 Version-

Xerox ≫ Versalink C405 Firmware Version < 68.65.51

Xerox ≫ Versalink C405 Version-

Xerox ≫ Versalink C500 Firmware Version < 61.65.51

Xerox ≫ Versalink C500 Version-

Xerox ≫ Versalink C600 Firmware Version < 61.65.51

Xerox ≫ Versalink C600 Version-

Xerox ≫ Versalink C505 Firmware Version < 62.65.51

Xerox ≫ Versalink C505 Version-

Xerox ≫ Versalink C605 Firmware Version < 62.65.51

Xerox ≫ Versalink C605 Version-

Xerox ≫ Versalink C7000 Firmware Version < 56.65.51

Xerox ≫ Versalink C7000 Version-

Xerox ≫ Versalink C7020 Firmware Version < 57.65.51

Xerox ≫ Versalink C7020 Version-

Xerox ≫ Versalink C7025 Firmware Version < 57.65.51

Xerox ≫ Versalink C7025 Version-

Xerox ≫ Versalink C7030 Firmware Version < 57.65.51

Xerox ≫ Versalink C7030 Version-

Xerox ≫ Versalink C8000 Firmware Version < 70.65.51

Xerox ≫ Versalink C8000 Version-

Xerox ≫ Versalink C9000 Firmware Version < 70.65.51

Xerox ≫ Versalink C9000 Version-

Xerox ≫ Versalink C8000w Firmware Version < 72.65.51

Xerox ≫ Versalink C8000w Version-

Xerox ≫ Versalink B600 Firmware Version < 32.65.51

Xerox ≫ Versalink B600 Version-

Xerox ≫ Versalink B7030 Firmware Version < 58.65.51

Xerox ≫ Versalink B7030 Version-

Xerox ≫ Versalink B7035 Firmware Version < 58.65.51

Xerox ≫ Versalink B7035 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.58%	0.798

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

https://securitydocs.business.xerox.com/wp-content/uploads/2021/03/cert_Security_Mini_Bulletin_XRX21D_for_PH6510_WC6515_VersaLink-1.pdf

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-28671

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-28671

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-28671

EUVD