PT-2021-17891 · Xerox · Xerox C8030/C8035+3
Published
2021-03-29
·
Updated
2021-04-01
·
CVE-2021-28668
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Xerox AltaLink B80xx versions prior to 103.008.020.23120
Xerox C8030/C8035 versions prior to 103.001.020.23120
Xerox C8045/C8055 versions prior to 103.002.020.23120
Xerox C8070 versions prior to 103.003.020.23120
Description:
The issue is related to SQL injection vulnerabilities. This means that an attacker could potentially inject malicious SQL code into the system, allowing them to manipulate or access sensitive data.
Recommendations:
For Xerox AltaLink B80xx versions prior to 103.008.020.23120, update to version 103.008.020.23120 or later.
For Xerox C8030/C8035 versions prior to 103.001.020.23120, update to version 103.001.020.23120 or later.
For Xerox C8045/C8055 versions prior to 103.002.020.23120, update to version 103.002.020.23120 or later.
For Xerox C8070 versions prior to 103.003.020.23120, update to version 103.003.020.23120 or later.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Xerox Altalink B80Xx
Xerox C8030/C8035
Xerox C8045/C8055
Xerox C8070