Lucene search

K

[email protected]CVE-2018-20767

HistoryOct 03, 2022 - 4:22 p.m.

CVE-2018-20767

2022-10-0316:22:06

CWE-20

[email protected]

web.nvd.nist.gov

20

xerox workcentre

security vulnerability

authenticated remote execution

cve-2018-20767

nvd

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.7%

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command execution.

Affected configurations

NVD

Node

xeroxworkcentre_3655i_firmwareRange<073.060.048.15000

AND

xeroxworkcentre_3655iMatch-

Node

xeroxworkcentre_3655_firmwareRange<073.060.048.15000

AND

xeroxworkcentre_3655Match-

Node

xeroxworkcentre_5890i_firmwareRange<073.190.048.15000

AND

xeroxworkcentre_5890iMatch-

Node

xeroxworkcentre_5865i_firmwareRange<073.190.048.15000

AND

xeroxworkcentre_5865iMatch-

Node

xeroxworkcentre_5875i_firmwareRange<073.190.048.15000

AND

xeroxworkcentre_5875iMatch-

Node

xeroxworkcentre_5845_firmwareRange<073.190.048.15000

AND

xeroxworkcentre_5845Match-

Node

xeroxworkcentre_5865_firmwareRange<073.190.048.15000

AND

xeroxworkcentre_5865Match-

Node

xeroxworkcentre_5875_firmwareRange<073.190.048.15000

AND

xeroxworkcentre_5875Match-

Node

xeroxworkcentre_5890_firmwareRange<073.190.048.15000

AND

xeroxworkcentre_5890Match-

Node

xeroxworkcentre_5900_firmwareRange<073.091.048.15000

AND

xeroxworkcentre_5900Match-

Node

xeroxworkcentre_5900i_firmwareRange<073.091.048.15000

AND

xeroxworkcentre_5900iMatch-

Node

xeroxworkcentre_6655_firmwareRange<073.110.048.15000

AND

xeroxworkcentre_6655Match-

Node

xeroxworkcentre_6655i_firmwareRange<073.110.048.15000

AND

xeroxworkcentre_6655iMatch-

Node

xeroxworkcentre_7855_firmwareRange<073.040.048.15000

AND

xeroxworkcentre_7855Match-

Node

xeroxworkcentre_7225_firmwareRange<073.030.048.15000

AND

xeroxworkcentre_7225Match-

Node

xeroxworkcentre_7220_firmwareRange<073.030.048.15000

AND

xeroxworkcentre_7220Match-

Node

xeroxworkcentre_7220i_firmwareRange<073.030.048.15000

AND

xeroxworkcentre_7220iMatch-

Node

xeroxworkcentre_7225i_firmwareRange<073.030.048.15000

AND

xeroxworkcentre_7225iMatch-

Node

xeroxworkcentre_7855i_firmwareRange<073.040.048.15000

AND

xeroxworkcentre_7855iMatch-

Node

xeroxworkcentre_7845i_firmwareRange<073.040.048.15000

AND

xeroxworkcentre_7845iMatch-

Node

xeroxworkcentre_7835i_firmwareRange<073.010.048.15000

AND

xeroxworkcentre_7835iMatch-

Node

xeroxworkcentre_7830i_firmwareRange<073.010.048.15000

AND

xeroxworkcentre_7830iMatch-

Node

xeroxworkcentre_7830_firmwareRange<073.010.048.15000

AND

xeroxworkcentre_7830Match-

Node

xeroxworkcentre_7835_firmwareRange<073.010.048.15000

AND

xeroxworkcentre_7835Match-

Node

xeroxworkcentre_7845_firmwareRange<073.040.048.15000

AND

xeroxworkcentre_7845Match-

Node

xeroxworkcentre_7970_firmwareRange<073.200.048.15000

AND

xeroxworkcentre_7970Match-

Node

xeroxworkcentre_7970i_firmwareRange<073.200.048.15000

AND

xeroxworkcentre_7970iMatch-

Node

xeroxworkcentre_ec7836_firmwareRange<073.050.048.15000

AND

xeroxworkcentre_ec7836Match-

Node

xeroxworkcentre_ec7856_firmwareRange<073.020.048.15000

AND

xeroxworkcentre_ec7856Match-

CPENameOperatorVersion
xerox:workcentre_3655i_firmwarexerox workcentre 3655i firmwarelt073.060.048.15000

References

securitydocs.business.xerox.com/wp-content/uploads/2018/07/cert_Security_Mini_Bulletin_XRX18Y_for_ConnectKey_EC78xx_v1.0.pdf

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.7%

Related for CVE-2018-20767

prion1 cvelist1 nvd1 openvas1