exploitDog

CVE-2019-13172

Опубликовано: 13 мар. 2020

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Низкий

Описание

Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Authentication Cookie of the web application that would allow an attacker to execute arbitrary code on the device.

Ссылки

https://security.business.xerox.com/
Vendor Advisory
https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers/
Third Party Advisory
https://security.business.xerox.com/
Vendor Advisory
https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:xerox:phaser_3320_firmware:v53.006.16.000:*:*:*:*:*:*:*

cpe:2.3:h:xerox:phaser_3320:-:*:*:*:*:*:*:*

EPSS

Процентиль: 83%

0.0186

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-120

Связанные уязвимости

GHSA-g565-vv3c-97hf

github

больше 3 лет назад

Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Authentication Cookie of the web application that would allow an attacker to execute arbitrary code on the device.

EPSS

Процентиль: 83%

0.0186

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-120