Lucene search

K
cveMitreCVE-2021-28671
HistoryMar 29, 2021 - 9:15 p.m.

CVE-2021-28671

2021-03-2921:15:13
mitre
web.nvd.nist.gov
27
cve-2021-28671
xerox
phaser
workcentre
versalink
bridge
remote command execution
vulnerability
nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.004

Percentile

74.0%

Xerox Phaser 6510 before 64.65.51 and 64.59.11 (Bridge), WorkCentre 6515 before 65.65.51 and 65.59.11 (Bridge), VersaLink B400 before 37.65.51 and 37.59.01 (Bridge), B405 before 38.65.51 and 38.59.01 (Bridge), B600/B610 before 32.65.51 and 32.59.01 (Bridge), B605/B615 before 33.65.51 and 33.59.01 (Bridge), B7025/30/35 before 58.65.51 and 58.59.11 (Bridge), C400 before 67.65.51 and 67.59.01 (Bridge), C405 before 68.65.51 and 68.59.01 (Bridge), C500/C600 before 61.65.51 and 61.59.01 (Bridge), C505/C605 before 62.65.51 and 62.59.01 (Bridge), C7000 before 56.65.51 and 56.59.01 (Bridge), C7020/25/30 before 57.65.51 and 57.59.01 (Bridge), C8000/C9000 before 70.65.51 and 70.59.01 (Bridge), C8000W before 72.65.51 have a remote Command Execution vulnerability in the Web User Interface that allows remote attackers with “a weaponized clone file” to execute arbitrary commands.

Affected configurations

Nvd
Node
xeroxphaser_6510Match-
AND
xeroxphaser_6510_firmwareRange<64.59.11
Node
xeroxworkcentre_6515Match-
AND
xeroxworkcentre_6515_firmwareRange<65.59.11
Node
xeroxversalink_b400Match-
AND
xeroxversalink_b400_firmwareRange<37.59.01
Node
xeroxversalink_b405Match-
AND
xeroxversalink_b405_firmwareRange<38.59.01
Node
xeroxversalink_b600Match-
AND
xeroxversalink_b600_firmwareRange<32.59.01
Node
xeroxversalink_b610Match-
AND
xeroxversalink_b610_firmwareRange<32.59.01
Node
xeroxversalink_b605Match-
AND
xeroxversalink_b605_firmwareRange<33.59.01
Node
xeroxversalink_b615Match-
AND
xeroxversalink_b615_firmwareRange<33.59.01
Node
xeroxversalink_b7025_firmwareRange<58.59.11
AND
xeroxversalink_b7025Match-
Node
xeroxversalink_b7030_firmwareRange<58.59.11
AND
xeroxversalink_b7030Match-
Node
xeroxversalink_b7035_firmwareRange<58.59.11
AND
xeroxversalink_b7035Match-
Node
xeroxversalink_c400_firmwareRange<67.59.01
AND
xeroxversalink_c400Match-
Node
xeroxversalink_c405_firmwareRange<68.59.01
AND
xeroxversalink_c405Match-
Node
xeroxversalink_c500_firmwareRange<61.59.01
AND
xeroxversalink_c500Match-
Node
xeroxversalink_c600_firmwareRange<61.59.01
AND
xeroxversalink_c600Match-
Node
xeroxversalink_c505_firmwareRange<62.59.01
AND
xeroxversalink_c505Match-
Node
xeroxversalink_c605_firmwareRange<62.59.01
AND
xeroxversalink_c605Match-
Node
xeroxversalink_c7000_firmwareRange<56.59.01
AND
xeroxversalink_c7000Match-
Node
xeroxversalink_c7020Match-
AND
xeroxversalink_c7020_firmwareRange<57.59.01
Node
xeroxversalink_c7025_firmwareRange<57.59.01
AND
xeroxversalink_c7025Match-
Node
xeroxversalink_c7030_firmwareRange<57.59.01
AND
xeroxversalink_c7030Match-
Node
xeroxversalink_c8000_firmwareRange<70.59.01
AND
xeroxversalink_c8000Match-
Node
xeroxversalink_c9000_firmwareRange<70.59.01
AND
xeroxversalink_c9000Match-
Node
xeroxphaser_6510_firmwareRange<64.65.51
AND
xeroxphaser_6510Match-
Node
xeroxworkcentre_6515_firmwareRange<65.65.51
AND
xeroxworkcentre_6515Match-
Node
xeroxversalink_b400_firmwareRange<37.65.51
AND
xeroxversalink_b400Match-
Node
xeroxversalink_b405_firmwareRange<38.65.51
AND
xeroxversalink_b405Match-
Node
xeroxversalink_b610_firmwareRange<32.65.51
AND
xeroxversalink_b610Match-
Node
xeroxversalink_b605_firmwareRange<33.65.51
AND
xeroxversalink_b605Match-
Node
xeroxversalink_b615_firmwareRange<33.65.51
AND
xeroxversalink_b615Match-
Node
xeroxversalink_b7025_firmwareRange<58.65.51
AND
xeroxversalink_b7025Match-
Node
xeroxversalink_c400_firmwareRange<67.65.51
AND
xeroxversalink_c400Match-
Node
xeroxversalink_c405_firmwareRange<68.65.51
AND
xeroxversalink_c405Match-
Node
xeroxversalink_c500_firmwareRange<61.65.51
AND
xeroxversalink_c500Match-
Node
xeroxversalink_c600_firmwareRange<61.65.51
AND
xeroxversalink_c600Match-
Node
xeroxversalink_c505_firmwareRange<62.65.51
AND
xeroxversalink_c505Match-
Node
xeroxversalink_c605_firmwareRange<62.65.51
AND
xeroxversalink_c605Match-
Node
xeroxversalink_c7000_firmwareRange<56.65.51
AND
xeroxversalink_c7000Match-
Node
xeroxversalink_c7020_firmwareRange<57.65.51
AND
xeroxversalink_c7020Match-
Node
xeroxversalink_c7025_firmwareRange<57.65.51
AND
xeroxversalink_c7025Match-
Node
xeroxversalink_c7030_firmwareRange<57.65.51
AND
xeroxversalink_c7030Match-
Node
xeroxversalink_c8000_firmwareRange<70.65.51
AND
xeroxversalink_c8000Match-
Node
xeroxversalink_c9000_firmwareRange<70.65.51
AND
xeroxversalink_c9000Match-
Node
xeroxversalink_c8000w_firmwareRange<72.65.51
AND
xeroxversalink_c8000wMatch-
Node
xeroxversalink_b600_firmwareRange<32.65.51
AND
xeroxversalink_b600Match-
Node
xeroxversalink_b7030_firmwareRange<58.65.51
AND
xeroxversalink_b7030Match-
Node
xeroxversalink_b7035_firmwareRange<58.65.51
AND
xeroxversalink_b7035Match-
VendorProductVersionCPE
xeroxphaser_6510-cpe:2.3:h:xerox:phaser_6510:-:*:*:*:*:*:*:*
xeroxphaser_6510_firmware*cpe:2.3:o:xerox:phaser_6510_firmware:*:*:*:*:*:*:*:*
xeroxworkcentre_6515-cpe:2.3:h:xerox:workcentre_6515:-:*:*:*:*:*:*:*
xeroxworkcentre_6515_firmware*cpe:2.3:o:xerox:workcentre_6515_firmware:*:*:*:*:*:*:*:*
xeroxversalink_b400-cpe:2.3:h:xerox:versalink_b400:-:*:*:*:*:*:*:*
xeroxversalink_b400_firmware*cpe:2.3:o:xerox:versalink_b400_firmware:*:*:*:*:*:*:*:*
xeroxversalink_b405-cpe:2.3:h:xerox:versalink_b405:-:*:*:*:*:*:*:*
xeroxversalink_b405_firmware*cpe:2.3:o:xerox:versalink_b405_firmware:*:*:*:*:*:*:*:*
xeroxversalink_b600-cpe:2.3:h:xerox:versalink_b600:-:*:*:*:*:*:*:*
xeroxversalink_b600_firmware*cpe:2.3:o:xerox:versalink_b600_firmware:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 481

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.004

Percentile

74.0%

Related for CVE-2021-28671