CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
74.0%
Xerox Phaser 6510 before 64.65.51 and 64.59.11 (Bridge), WorkCentre 6515 before 65.65.51 and 65.59.11 (Bridge), VersaLink B400 before 37.65.51 and 37.59.01 (Bridge), B405 before 38.65.51 and 38.59.01 (Bridge), B600/B610 before 32.65.51 and 32.59.01 (Bridge), B605/B615 before 33.65.51 and 33.59.01 (Bridge), B7025/30/35 before 58.65.51 and 58.59.11 (Bridge), C400 before 67.65.51 and 67.59.01 (Bridge), C405 before 68.65.51 and 68.59.01 (Bridge), C500/C600 before 61.65.51 and 61.59.01 (Bridge), C505/C605 before 62.65.51 and 62.59.01 (Bridge), C7000 before 56.65.51 and 56.59.01 (Bridge), C7020/25/30 before 57.65.51 and 57.59.01 (Bridge), C8000/C9000 before 70.65.51 and 70.59.01 (Bridge), C8000W before 72.65.51 have a remote Command Execution vulnerability in the Web User Interface that allows remote attackers with “a weaponized clone file” to execute arbitrary commands.
Vendor | Product | Version | CPE |
---|---|---|---|
xerox | phaser_6510 | - | cpe:2.3:h:xerox:phaser_6510:-:*:*:*:*:*:*:* |
xerox | phaser_6510_firmware | * | cpe:2.3:o:xerox:phaser_6510_firmware:*:*:*:*:*:*:*:* |
xerox | workcentre_6515 | - | cpe:2.3:h:xerox:workcentre_6515:-:*:*:*:*:*:*:* |
xerox | workcentre_6515_firmware | * | cpe:2.3:o:xerox:workcentre_6515_firmware:*:*:*:*:*:*:*:* |
xerox | versalink_b400 | - | cpe:2.3:h:xerox:versalink_b400:-:*:*:*:*:*:*:* |
xerox | versalink_b400_firmware | * | cpe:2.3:o:xerox:versalink_b400_firmware:*:*:*:*:*:*:*:* |
xerox | versalink_b405 | - | cpe:2.3:h:xerox:versalink_b405:-:*:*:*:*:*:*:* |
xerox | versalink_b405_firmware | * | cpe:2.3:o:xerox:versalink_b405_firmware:*:*:*:*:*:*:*:* |
xerox | versalink_b600 | - | cpe:2.3:h:xerox:versalink_b600:-:*:*:*:*:*:*:* |
xerox | versalink_b600_firmware | * | cpe:2.3:o:xerox:versalink_b600_firmware:*:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
74.0%