Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2019-18628
HistoryMar 04, 2021 - 7:15 a.m.

CVE-2019-18628

2021-03-0407:15:13
[email protected]
web.nvd.nist.gov
3
xerox
multifunction printers
admin privileges
data encryption
cryptographic information disclosure

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

26.0%

JSON

Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow a user with administrative privileges to turn off data encryption on the device, thus leaving it open to potential cryptographic information disclosure.

Affected configurations

Nvd
Node
xeroxaltalink_b8045_firmwareRange<103.008.010.14010
AND
xeroxaltalink_b8045Match-
Node
xeroxaltalink_b8055_firmwareRange<103.008.010.14010
AND
xeroxaltalink_b8055Match-
Node
xeroxaltalink_b8065_firmwareRange<103.008.010.14010
AND
xeroxaltalink_b8065Match-
Node
xeroxaltalink_b8075_firmwareRange<103.008.010.14010
AND
xeroxaltalink_b8075Match-
Node
xeroxaltalink_b8090_firmwareRange<103.008.010.14010
AND
xeroxaltalink_b8090Match-
Node
xeroxaltalink_c8030_firmwareRange<103.001.010.14010
AND
xeroxaltalink_c8030Match-
Node
xeroxaltalink_c8035_firmwareRange<103.001.010.14010
AND
xeroxaltalink_c8035Match-
Node
xeroxaltalink_c8045_firmwareRange<103.002.010.14010
AND
xeroxaltalink_c8045Match-
Node
xeroxaltalink_c8055_firmwareRange<103.002.010.14010
AND
xeroxaltalink_c8055Match-
Node
xeroxaltalink_c8070_firmwareRange<103.003.010.14010
AND
xeroxaltalink_c8070Match-
VendorProductVersionCPE
xeroxaltalink_b8045_firmware*cpe:2.3:o:xerox:altalink_b8045_firmware:*:*:*:*:*:*:*:*
xeroxaltalink_b8045-cpe:2.3:h:xerox:altalink_b8045:-:*:*:*:*:*:*:*
xeroxaltalink_b8055_firmware*cpe:2.3:o:xerox:altalink_b8055_firmware:*:*:*:*:*:*:*:*
xeroxaltalink_b8055-cpe:2.3:h:xerox:altalink_b8055:-:*:*:*:*:*:*:*
xeroxaltalink_b8065_firmware*cpe:2.3:o:xerox:altalink_b8065_firmware:*:*:*:*:*:*:*:*
xeroxaltalink_b8065-cpe:2.3:h:xerox:altalink_b8065:-:*:*:*:*:*:*:*
xeroxaltalink_b8075_firmware*cpe:2.3:o:xerox:altalink_b8075_firmware:*:*:*:*:*:*:*:*
xeroxaltalink_b8075-cpe:2.3:h:xerox:altalink_b8075:-:*:*:*:*:*:*:*
xeroxaltalink_b8090_firmware*cpe:2.3:o:xerox:altalink_b8090_firmware:*:*:*:*:*:*:*:*
xeroxaltalink_b8090-cpe:2.3:h:xerox:altalink_b8090:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 201

Related

cve 1
cvelist 1
prion 1
openvas 1
cve
cve
CVE-2019-18628
2021-03-04 07:15:13
cvelist
cvelist
CVE-2019-18628
2021-03-04 06:09:30
prion
prion
Information disclosure
2021-03-04 07:15:00
openvas
openvas
Xerox AltaLink Printers Multiple Vulnerabilities (XRX20I/R20-05)
2021-03-24 00:00:00

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

26.0%

JSON
Related for NVD:CVE-2019-18628
cve1cvelist1prion1openvas1