PT-2019-9404 · Xerox · Xerox C8030/C8035+3
Publicado
2019-01-03
·
Atualizado
2019-10-03
·
CVE-2018-17172
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Xerox AltaLink B80xx versions prior to 100.008.028.05200
Xerox C8030/C8035 versions prior to 100.001.028.05200
Xerox C8045/C8055 versions prior to 100.002.028.05200
Xerox C8070 versions prior to 100.003.028.05200
Description
The issue allows unauthenticated command injection in the web application.
Recommendations
For Xerox AltaLink B80xx versions prior to 100.008.028.05200, update to version 100.008.028.05200 or later.
For Xerox C8030/C8035 versions prior to 100.001.028.05200, update to version 100.001.028.05200 or later.
For Xerox C8045/C8055 versions prior to 100.002.028.05200, update to version 100.002.028.05200 or later.
For Xerox C8070 versions prior to 100.003.028.05200, update to version 100.003.028.05200 or later.
Correção
Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Xerox Altalink B80Xx
Xerox C8030/C8035
Xerox C8045/C8055
Xerox C8070