Lucene search

MitreCVE-2022-29588

HistoryMay 16, 2022 - 6:15 a.m.

CVE-2022-29588

2022-05-1606:15:08

CWE-522

mitre

web.nvd.nist.gov

cve-2022-29588

konica minolta

bizhub

mfp

password storage

cleartext

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.7

Confidence

High

EPSS

0.002

Percentile

58.5%

JSON

Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files.

Affected configurations

Nvd

Node

konicaminoltabizhub_226i_firmwareRange<2022-04-14

AND

konicaminoltabizhub_226iMatch-

Node

konicaminoltabizhub_227_firmwareRange<2022-04-14

AND

konicaminoltabizhub_227Match-

Node

konicaminoltabizhub_246i_firmwareRange<2022-04-14

AND

konicaminoltabizhub_246iMatch-

Node

konicaminoltabizhub_287_firmwareRange<2022-04-14

AND

konicaminoltabizhub_287Match-

Node

konicaminoltabizhub_306i_firmwareRange<2022-04-14

AND

konicaminoltabizhub_306iMatch-

Node

konicaminoltabizhub_308_firmwareRange<2022-04-14

AND

konicaminoltabizhub_308Match-

Node

konicaminoltabizhub_308e_firmwareRange<2022-04-14

AND

konicaminoltabizhub_308eMatch-

Node

konicaminoltabizhub_367_firmwareRange<2022-04-14

AND

konicaminoltabizhub_367Match-

Node

konicaminoltabizhub_368_firmwareRange<2022-04-14

AND

konicaminoltabizhub_368Match-

Node

konicaminoltabizhub_368e_firmwareRange<2022-04-14

AND

konicaminoltabizhub_368eMatch-

Node

konicaminoltabizhub_4052_firmwareRange<2022-04-14

AND

konicaminoltabizhub_4052Match-

Node

konicaminoltabizhub_458_firmwareRange<2022-04-14

AND

konicaminoltabizhub_458Match-

Node

konicaminoltabizhub_458e_firmwareRange<2022-04-14

AND

konicaminoltabizhub_458eMatch-

Node

konicaminoltabizhub_4752_firmwareRange<2022-04-14

AND

konicaminoltabizhub_4752Match-

Node

konicaminoltabizhub_558_firmwareRange<2022-04-14

AND

konicaminoltabizhub_558Match-

Node

konicaminoltabizhub_558e_firmwareRange<2022-04-14

AND

konicaminoltabizhub_558eMatch-

Node

konicaminoltabizhub_658e_firmwareRange<2022-04-14

AND

konicaminoltabizhub_658eMatch-

Node

konicaminoltabizhub_758_firmwareRange<2022-04-14

AND

konicaminoltabizhub_758Match-

Node

konicaminoltabizhub_808_firmwareRange<2022-04-14

AND

konicaminoltabizhub_808Match-

Node

konicaminoltabizhub_958_firmwareRange<2022-04-14

AND

konicaminoltabizhub_958Match-

Node

konicaminoltabizhub_c227_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c227Match-

Node

konicaminoltabizhub_c250i_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c250iMatch-

Node

konicaminoltabizhub_c258_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c258Match-

Node

konicaminoltabizhub_c287_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c287Match-

Node

konicaminoltabizhub_c300i_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c300iMatch-

Node

konicaminoltabizhub_c308_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c308Match-

Node

konicaminoltabizhub_c3300i_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c3300iMatch-

Node

konicaminoltabizhub_c3320i_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c3320iMatch-

Node

konicaminoltabizhub_c3350i_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c3350iMatch-

Node

konicaminoltabizhub_c3351_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c3351Match-

Node

konicaminoltabizhub_c360i_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c360iMatch-

Node

konicaminoltabizhub_c368_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c368Match-

Node

konicaminoltabizhub_c3851_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c3851Match-

Node

konicaminoltabizhub_c3851fs_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c3851fsMatch-

Node

konicaminoltabizhub_c4000i_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c4000iMatch-

Node

konicaminoltabizhub_c4050i_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c4050iMatch-

Node

konicaminoltabizhub_c450i_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c450iMatch-

Node

konicaminoltabizhub_c458_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c458Match-

Node

konicaminoltabizhub_c550i_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c550iMatch-

Node

konicaminoltabizhub_c558_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c558Match-

Node

konicaminoltabizhub_c650i_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c650iMatch-

Node

konicaminoltabizhub_c658_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c658Match-

Node

konicaminoltabizhub_c659_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c659Match-

Node

konicaminoltabizhub_c759_firmwareRange<2022-04-14

AND

konicaminoltabizhub_c759Match-

Node

konicaminoltabizhub_pro958_firmwareRange<2022-04-14

AND

konicaminoltabizhub_pro958Match-

VendorProductVersionCPE
konicaminoltabizhub_226i_firmware*cpe:2.3:o:konicaminolta:bizhub_226i_firmware:*:*:*:*:*:*:*:*
konicaminoltabizhub_226i-cpe:2.3:h:konicaminolta:bizhub_226i:-:*:*:*:*:*:*:*
konicaminoltabizhub_227_firmware*cpe:2.3:o:konicaminolta:bizhub_227_firmware:*:*:*:*:*:*:*:*
konicaminoltabizhub_227-cpe:2.3:h:konicaminolta:bizhub_227:-:*:*:*:*:*:*:*
konicaminoltabizhub_246i_firmware*cpe:2.3:o:konicaminolta:bizhub_246i_firmware:*:*:*:*:*:*:*:*
konicaminoltabizhub_246i-cpe:2.3:h:konicaminolta:bizhub_246i:-:*:*:*:*:*:*:*
konicaminoltabizhub_287_firmware*cpe:2.3:o:konicaminolta:bizhub_287_firmware:*:*:*:*:*:*:*:*
konicaminoltabizhub_287-cpe:2.3:h:konicaminolta:bizhub_287:-:*:*:*:*:*:*:*
konicaminoltabizhub_306i_firmware*cpe:2.3:o:konicaminolta:bizhub_306i_firmware:*:*:*:*:*:*:*:*
konicaminoltabizhub_306i-cpe:2.3:h:konicaminolta:bizhub_306i:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
konicaminolta	bizhub_226i_firmware	*	cpe:2.3:o:konicaminolta:bizhub_226i_firmware::::::::
konicaminolta	bizhub_226i	-	cpe:2.3:h:konicaminolta:bizhub_226i:-:::::::*
konicaminolta	bizhub_227_firmware	*	cpe:2.3:o:konicaminolta:bizhub_227_firmware::::::::
konicaminolta	bizhub_227	-	cpe:2.3:h:konicaminolta:bizhub_227:-:::::::*
konicaminolta	bizhub_246i_firmware	*	cpe:2.3:o:konicaminolta:bizhub_246i_firmware::::::::
konicaminolta	bizhub_246i	-	cpe:2.3:h:konicaminolta:bizhub_246i:-:::::::*
konicaminolta	bizhub_287_firmware	*	cpe:2.3:o:konicaminolta:bizhub_287_firmware::::::::
konicaminolta	bizhub_287	-	cpe:2.3:h:konicaminolta:bizhub_287:-:::::::*
konicaminolta	bizhub_306i_firmware	*	cpe:2.3:o:konicaminolta:bizhub_306i_firmware::::::::
konicaminolta	bizhub_306i	-	cpe:2.3:h:konicaminolta:bizhub_306i:-:::::::*

Rows per page:

1-10 of 901

References

packetstormsecurity.com/files/167166/Konica-Minolta-bizhub-MFP-Printer-Terminal-Sandbox-Escape.html

sec-consult.com/vulnerability-lab/

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.7

Confidence

High

EPSS

0.002

Percentile

58.5%

JSON

Related for CVE-2022-29588