CVE-2021-20868

Name of the Vulnerable Software and Affected Versions KONICA MINOLTA bizhub series versions G00-35 and earlier KONICA MINOLTA bizhub series versions G00-B6 and earlier KONICA MINOLTA bizhub series versions G00-37 and earlier KONICA MINOLTA bizhub series versions G00-33 and earlier KONICA MINOLTA bizhub series versions G00-19 and earlier KONICA MINOLTA bizhub series versions GC7-X8 and earlier KONICA MINOLTA bizhub series versions GC9-X4 and earlier KONICA MINOLTA bizhub series versions GDQ-M0 and earlier KONICA MINOLTA bizhub series versions GDQ-M1 and earlier KONICA MINOLTA bizhub series versions GR1-M0 and earlier KONICA MINOLTA bizhub series versions G00-22 and earlier

Description The issue allows an attacker on the adjacent network to obtain user credentials if external server authentication is enabled via a specific SOAP message sent by an administrative user.

Recommendations For KONICA MINOLTA bizhub series versions G00-35 and earlier, consider disabling external server authentication until a patch is available. For KONICA MINOLTA bizhub series versions G00-B6 and earlier, restrict access to administrative users to minimize the risk of exploitation. For KONICA MINOLTA bizhub series versions G00-37 and earlier, avoid using the SOAP message sent by an administrative user until the issue is resolved. For KONICA MINOLTA bizhub series versions G00-33 and earlier, consider implementing additional authentication measures to prevent unauthorized access. For KONICA MINOLTA bizhub series versions G00-19 and earlier, restrict access to the external server authentication feature to minimize the risk of exploitation. For KONICA MINOLTA bizhub series versions GC7-X8 and earlier, consider disabling the vulnerable SOAP message until a patch is available. For KONICA MINOLTA bizhub series versions GC9-X4 and earlier, restrict access to administrative users to minimize the risk of exploitation. For KONICA MINOLTA bizhub series versions GDQ-M0 and earlier, avoid using the external server authentication feature until the issue is resolved. For KONICA MINOLTA bizhub series versions GDQ-M1 and earlier, consider implementing additional authentication measures to prevent unauthorized access. For KONICA MINOLTA bizhub series versions GR1-M0 and earlier, restrict access to the vulnerable SOAP message to minimize the risk of exploitation. For KONICA MINOLTA bizhub series versions G00-22 and earlier, consider disabling external server authentication until a patch is available.