CVE-2021-28672

EPSS 2.22%
Veröffentlicht 29.03.2021 21:15:13
Zuletzt bearbeitet 21.11.2024 06:00:04
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Xerox Phaser 6510 before 64.65.51 and 64.59.11 (Bridge), WorkCentre 6515 before 65.65.51 and 65.59.11 (Bridge), VersaLink B400 before 37.65.51 and 37.59.01 (Bridge), B405 before 38.65.51 and 38.59.01 (Bridge), B600/B610 before 32.65.51 and 32.59.01 (Bridge), B605/B615 before 33.65.51 and 33.59.01 (Bridge), B7025/30/35 before 58.65.51 and 58.59.11 (Bridge), C400 before 67.65.51 and 67.59.01 (Bridge), C405 before 68.65.51 and 68.59.01 (Bridge), C500/C600 before 61.65.51 and 61.59.01 (Bridge), C505/C605 before 62.65.51 and 62.59.01 (Bridge), C7000 before 56.65.51 and 56.59.01 (Bridge), C7020/25/30 before 57.65.51 and 57.59.01 (Bridge), C8000/C9000 before 70.65.51 and 70.59.01 (Bridge), C8000W before 72.65.51 allows remote attackers to execute arbitrary code through a buffer overflow in Web page parameter handling.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Xerox ≫ Phaser 6510 Firmware Version < 64.59.11

Xerox ≫ Phaser 6510 Version-

Xerox ≫ Workcentre 6515 Firmware Version < 65.59.11

Xerox ≫ Workcentre 6515 Version-

Xerox ≫ Versalink B400 Firmware Version < 37.59.01

Xerox ≫ Versalink B400 Version-

Xerox ≫ Versalink B405 Firmware Version < 38.59.01

Xerox ≫ Versalink B405 Version-

Xerox ≫ Versalink B600 Firmware Version < 32.59.01

Xerox ≫ Versalink B600 Version-

Xerox ≫ Versalink B610 Firmware Version < 32.59.01

Xerox ≫ Versalink B610 Version-

Xerox ≫ Versalink B605 Firmware Version < 33.59.01

Xerox ≫ Versalink B605 Version-

Xerox ≫ Versalink B615 Firmware Version < 33.59.01

Xerox ≫ Versalink B615 Version-

Xerox ≫ Versalink B7025 Firmware Version < 58.59.11

Xerox ≫ Versalink B7025 Version-

Xerox ≫ Versalink B7030 Firmware Version < 58.59.11

Xerox ≫ Versalink B7030 Version-

Xerox ≫ Versalink B7035 Firmware Version < 58.59.11

Xerox ≫ Versalink B7035 Version-

Xerox ≫ Versalink C400 Firmware Version < 67.59.01

Xerox ≫ Versalink C400 Version-

Xerox ≫ Versalink C405 Firmware Version < 68.59.01

Xerox ≫ Versalink C405 Version-

Xerox ≫ Versalink C500 Firmware Version < 61.59.01

Xerox ≫ Versalink C500 Version-

Xerox ≫ Versalink C600 Firmware Version < 61.59.01

Xerox ≫ Versalink C600 Version-

Xerox ≫ Versalink C505 Firmware Version < 62.59.01

Xerox ≫ Versalink C505 Version-

Xerox ≫ Versalink C605 Firmware Version < 62.59.01

Xerox ≫ Versalink C605 Version-

Xerox ≫ Versalink C7000 Firmware Version < 56.59.01

Xerox ≫ Versalink C7000 Version-

Xerox ≫ Versalink C7020 Firmware Version < 57.59.01

Xerox ≫ Versalink C7020 Version-

Xerox ≫ Versalink C7025 Firmware Version < 57.59.01

Xerox ≫ Versalink C7025 Version-

Xerox ≫ Versalink C7030 Firmware Version < 57.59.01

Xerox ≫ Versalink C7030 Version-

Xerox ≫ Versalink C8000 Firmware Version < 70.59.01

Xerox ≫ Versalink C8000 Version-

Xerox ≫ Versalink C9000 Firmware Version < 70.59.01

Xerox ≫ Versalink C9000 Version-

Xerox ≫ Phaser 6510 Firmware Version < 64.65.51

Xerox ≫ Phaser 6510 Version-

Xerox ≫ Workcentre 6515 Firmware Version < 65.65.51

Xerox ≫ Workcentre 6515 Version-

Xerox ≫ Versalink B400 Firmware Version < 37.65.51

Xerox ≫ Versalink B400 Version-

Xerox ≫ Versalink B405 Firmware Version < 38.65.51

Xerox ≫ Versalink B405 Version-

Xerox ≫ Versalink B610 Firmware Version < 32.65.51

Xerox ≫ Versalink B610 Version-

Xerox ≫ Versalink B605 Firmware Version < 33.65.51

Xerox ≫ Versalink B605 Version-

Xerox ≫ Versalink B615 Firmware Version < 33.65.51

Xerox ≫ Versalink B615 Version-

Xerox ≫ Versalink B7025 Firmware Version < 58.65.51

Xerox ≫ Versalink B7025 Version-

Xerox ≫ Versalink C400 Firmware Version < 67.65.51

Xerox ≫ Versalink C400 Version-

Xerox ≫ Versalink C405 Firmware Version < 68.65.51

Xerox ≫ Versalink C405 Version-

Xerox ≫ Versalink C500 Firmware Version < 61.65.51

Xerox ≫ Versalink C500 Version-

Xerox ≫ Versalink C600 Firmware Version < 61.65.51

Xerox ≫ Versalink C600 Version-

Xerox ≫ Versalink C505 Firmware Version < 62.65.51

Xerox ≫ Versalink C505 Version-

Xerox ≫ Versalink C605 Firmware Version < 62.65.51

Xerox ≫ Versalink C605 Version-

Xerox ≫ Versalink C7000 Firmware Version < 56.65.51

Xerox ≫ Versalink C7000 Version-

Xerox ≫ Versalink C7020 Firmware Version < 57.65.51

Xerox ≫ Versalink C7020 Version-

Xerox ≫ Versalink C7025 Firmware Version < 57.65.51

Xerox ≫ Versalink C7025 Version-

Xerox ≫ Versalink C7030 Firmware Version < 57.65.51

Xerox ≫ Versalink C7030 Version-

Xerox ≫ Versalink C8000 Firmware Version < 70.65.51

Xerox ≫ Versalink C8000 Version-

Xerox ≫ Versalink C9000 Firmware Version < 70.65.51

Xerox ≫ Versalink C9000 Version-

Xerox ≫ Versalink C8000w Firmware Version < 72.65.51

Xerox ≫ Versalink C8000w Version-

Xerox ≫ Versalink B600 Firmware Version < 32.65.51

Xerox ≫ Versalink B600 Version-

Xerox ≫ Versalink B7030 Firmware Version < 58.65.51

Xerox ≫ Versalink B7030 Version-

Xerox ≫ Versalink B7035 Firmware Version < 58.65.51

Xerox ≫ Versalink B7035 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.22%	0.838

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://securitydocs.business.xerox.com/wp-content/uploads/2021/03/cert_Security_Mini_Bulletin_XRX21D_for_PH6510_WC6515_VersaLink-1.pdf

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-28672

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-28672

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-28672

EUVD