Lucene search
+L

82 matches found

cve
cve
added 2022/01/25 3:30 p.m.53 views

CVE-2021-34870

The CVE-2021-34870 vulnerability affects NETGEAR XR1000 routers (version 1.0.0.52_1.0.38). A flaw in SOAP message processing allows network-adjacent attackers to access privileged requests without authentication, leading to disclosure of stored credentials and potential further compromise. Public...

6.5CVSS6.2AI score0.00895EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2022/01/04 4:15 a.m.14 views

CVE-2021-20869

Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-3...

6.5CVSS0.00532EPSS
Exploits0References4
nvd
nvd
added 2022/01/04 4:15 a.m.33 views

CVE-2021-20871

Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-3...

6.5CVSS0.0052EPSS
Exploits0References4
osv
osv
added 2022/01/04 4:15 a.m.3 views

CVE-2021-20869

Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-3...

6.5CVSS6.6AI score
Exploits0References4
osv
osv
added 2022/01/04 4:15 a.m.4 views

CVE-2021-20868

Incorrect authorization vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub...

4.5CVSS6.2AI score0.00436EPSS
Exploits0References4
osv
osv
added 2022/01/04 4:15 a.m.6 views

CVE-2021-20871

Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-3...

6.5CVSS6.6AI score0.0052EPSS
Exploits0References4
prion
prion
added 2022/01/04 4:15 a.m.17 views

Design/Logic Flaw

Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-3...

2.9CVSS6.1AI score0.0052EPSS
Exploits0References4Affected Software80
prion
prion
added 2022/01/04 4:15 a.m.15 views

Authorization

Incorrect authorization vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub...

2.3CVSS4.8AI score0.00436EPSS
Exploits0References4Affected Software80
prion
prion
added 2022/01/04 4:15 a.m.20 views

Code injection

Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-3...

2.9CVSS6.2AI score0.00532EPSS
Exploits0References4Affected Software80
cvelist
cvelist
added 2022/01/04 3:5 a.m.27 views

CVE-2021-20871

Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-3...

6.3AI score0.0052EPSS
Exploits0References4
cve
cve
added 2022/01/04 3:5 a.m.50 views

CVE-2021-20871

CVE-2021-20871 affects KONICA MINOLTA bizhub MFPs and printing systems (listed models). An adjacent-network attacker can obtain credentials stored in the address book when a destination with registered credentials is referenced via a specific SOAP message. This is a credential exposure/informatio...

6.5CVSS6.1AI score0.0052EPSS
Exploits0References4Affected Software1
cve
cve
added 2022/01/04 3:5 a.m.50 views

CVE-2021-20869

KONICA MINOLTA bizhub MFPs are affected by CVE-2021-20869. When external LDAP authentication is enabled, an adjacent-network attacker can obtain some user credentials by sending specific SOAP messages to the device. The vulnerability is tied to how LDAP-based authentication information is process...

6.5CVSS6.2AI score0.00532EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2022/01/04 3:5 a.m.20 views

CVE-2021-20868

Incorrect authorization vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub...

5.1AI score0.00436EPSS
Exploits0References4
cve
cve
added 2022/01/04 3:5 a.m.62 views

CVE-2021-20868

CVE-2021-20868 is an Incorrect Authorization vulnerability in KONICA MINOLTA bizhub MFPs. Multiple model lines expose the risk: if external server authentication is enabled, a remote attacker on an adjacent network can obtain user credentials by sending a crafted SOAP message, potentially with ad...

4.5CVSS4.8AI score0.00436EPSS
Exploits0References4Affected Software1
jvn
jvn
added 2021/12/28 2:51 a.m.6 views

Multiple vulnerabilities in KONICA MINOLTA MFPs and printing systems

Overview Multi-function printers MFP and printing systems provided by KONICA MINOLTA, INC. contain multiple vulnerabilities listed below. Incorrect authorization CWE-863 - CVE-2021-20868 Exposure of sensitive information to an unauthorized actor CWE-200 - CVE-2021-20869 Improper handling of...

6.8CVSS7.2AI score0.00532EPSS
Exploits0References16
redhat
redhat
added 2015/05/14 3:14 p.m.7 views

CXF: Large invalid content could cause temporary space to fill

It was found that when a large invalid SOAP message was processed by Apache CXF, it could be saved to a temporary file in the /tmp directory. A remote attacker could send a specially crafted SOAP message that, when processed by an application using Apache CXF, would use an excessive amount of dis...

4.3CVSS7.3AI score0.03644EPSS
Exploits0References4
redhat
redhat
added 2015/04/16 4:2 p.m.6 views

CXF: Large invalid content could cause temporary space to fill

It was found that when a large invalid SOAP message was processed by Apache CXF, it could be saved to a temporary file in the /tmp directory. A remote attacker could send a specially crafted SOAP message that, when processed by an application using Apache CXF, would use an excessive amount of dis...

4.3CVSS7.3AI score0.03644EPSS
Exploits0References4
redhat
redhat
added 2014/06/26 3:16 p.m.6 views

CXF: Large invalid content could cause temporary space to fill

It was found that when a large invalid SOAP message was processed by Apache CXF, it could be saved to a temporary file in the /tmp directory. A remote attacker could send a specially crafted SOAP message that, when processed by an application using Apache CXF, would use an excessive amount of dis...

4.3CVSS7.3AI score0.03644EPSS
Exploits0References4
redhat
redhat
added 2014/06/26 3:11 p.m.6 views

CXF: Large invalid content could cause temporary space to fill

It was found that when a large invalid SOAP message was processed by Apache CXF, it could be saved to a temporary file in the /tmp directory. A remote attacker could send a specially crafted SOAP message that, when processed by an application using Apache CXF, would use an excessive amount of dis...

4.3CVSS7.3AI score0.03644EPSS
Exploits0References4
redhat
redhat
added 2014/06/26 3:0 p.m.7 views

CXF: Large invalid content could cause temporary space to fill

It was found that when a large invalid SOAP message was processed by Apache CXF, it could be saved to a temporary file in the /tmp directory. A remote attacker could send a specially crafted SOAP message that, when processed by an application using Apache CXF, would use an excessive amount of dis...

4.3CVSS7.3AI score0.03644EPSS
Exploits0References4
Rows per page
Query Builder