PT-2021-17892 · Xerox · Xerox C8030/C8035+3
Published
2021-03-29
·
Updated
2021-04-01
·
CVE-2021-28669
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions:
Xerox AltaLink B80xx versions prior to 103.008.020.23120
Xerox C8030/C8035 versions prior to 103.001.020.23120
Xerox C8045/C8055 versions prior to 103.002.020.23120
Xerox C8070 versions prior to 103.003.020.23120
Description:
The issue allows configuration attributes to be set without requiring administrative rights.
Recommendations:
For Xerox AltaLink B80xx versions prior to 103.008.020.23120, update to version 103.008.020.23120 or later.
For Xerox C8030/C8035 versions prior to 103.001.020.23120, update to version 103.001.020.23120 or later.
For Xerox C8045/C8055 versions prior to 103.002.020.23120, update to version 103.002.020.23120 or later.
For Xerox C8070 versions prior to 103.003.020.23120, update to version 103.003.020.23120 or later.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Xerox Altalink B80Xx
Xerox C8030/C8035
Xerox C8045/C8055
Xerox C8070