CVE-2021-20869

Name of the Vulnerable Software and Affected Versions KONICA MINOLTA bizhub series versions G00-35 and earlier KONICA MINOLTA bizhub series versions G00-B6 and earlier KONICA MINOLTA bizhub series versions G00-37 and earlier KONICA MINOLTA bizhub series versions G00-33 and earlier KONICA MINOLTA bizhub series versions G00-19 and earlier KONICA MINOLTA bizhub series versions GC7-X8 and earlier KONICA MINOLTA bizhub series versions GC9-X4 and earlier KONICA MINOLTA bizhub series versions GDQ-M0 and earlier KONICA MINOLTA bizhub series versions GDQ-M1 and earlier KONICA MINOLTA bizhub series versions GR1-M0 and earlier KONICA MINOLTA bizhub series versions G00-22 and earlier

Description The issue allows an attacker on the adjacent network to obtain some of user credentials if LDAP server authentication is enabled via a specific SOAP message.

Recommendations For KONICA MINOLTA bizhub series versions G00-35 and earlier, consider disabling LDAP server authentication until a patch is available. For KONICA MINOLTA bizhub series versions G00-B6 and earlier, restrict access to the SOAP message endpoint to minimize the risk of exploitation. For KONICA MINOLTA bizhub series versions G00-37 and earlier, avoid using the SOAP message endpoint until the issue is resolved. For KONICA MINOLTA bizhub series versions G00-33 and earlier, consider implementing additional authentication measures to prevent unauthorized access. For KONICA MINOLTA bizhub series versions G00-19 and earlier, restrict access to the LDAP server authentication endpoint to minimize the risk of exploitation. For KONICA MINOLTA bizhub series versions GC7-X8 and earlier, consider disabling the SOAP message endpoint until a patch is available. For KONICA MINOLTA bizhub series versions GC9-X4 and earlier, restrict access to the LDAP server authentication endpoint to minimize the risk of exploitation. For KONICA MINOLTA bizhub series versions GDQ-M0 and earlier, avoid using the SOAP message endpoint until the issue is resolved. For KONICA MINOLTA bizhub series versions GDQ-M1 and earlier, consider implementing additional authentication measures to prevent unauthorized access. For KONICA MINOLTA bizhub series versions GR1-M0 and earlier, restrict access to the SOAP message endpoint to minimize the risk of exploitation. For KONICA MINOLTA bizhub series versions G00-22 and earlier, consider disabling LDAP server authentication until a patch is available.