Lucene search

[email protected]CVE-2022-25343

HistoryApr 20, 2022 - 1:15 p.m.

CVE-2022-25343

2022-04-2013:15:07

[email protected]

web.nvd.nist.gov

olivetti

d-color mf3555

2xd_s000.002.271

web application

dos

denial of service

cve-2022-25343

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

39.6%

JSON

An issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application is affected by Denial of Service. An unauthenticated attacker, who can send POST requests to the /download/set.cgi page by manipulating the failhtmfile variable, is able to cause interruption of the service provided by the Web Application.

Affected configurations

NVD

Node

olivettid-color_mf3555_firmwareMatch2xd_s000.002.271

AND

olivettid-color_mf3555Match-

CPENameOperatorVersion
olivetti:d-color_mf3555_firmwareolivetti d-color mf3555 firmwareeq2xd_s000.002.271

CPE	Name	Operator	Version
olivetti:d-color_mf3555_firmware	olivetti d-color mf3555 firmware	eq	2xd_s000.002.271

References

www.gruppotim.it/it/footer/red-team.html

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

39.6%

JSON

Related for CVE-2022-25343

prion1 cvelist1 nvd1 cnvd1