CVE-2019-10881

Published: Apr 13, 2021

Modified: Aug 4, 2024

PUBLISHED

CVSS v3.0

9.4

CRITICAL

Description

Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be disabled.

Vendor	Product	Versions
XEROX	AltaLink B8045/B8055/B8065/B8075/B8090	affected `n/a`
XEROX	AltaLink C8030/C8035/C8045/C8055/C8070	affected `n/a`
XEROX	WorkCentre 3655	affected `n/a`
XEROX	WorkCentre 5845/5855/5865/5875/5890	affected `n/a`
XEROX	WorkCentre 5945/5955	affected `n/a`
XEROX	WorkCentre 6655	affected `n/a`
XEROX	WorkCentre 7220/7225	affected `n/a`
XEROX	WorkCentre 7830/7835/7845/7855	affected `n/a`
XEROX	WorkCentre 7970	affected `n/a`
XEROX	WorkCentre EC7836/EC7856	affected `n/a`
XEROX	ColorQube 9301/9302/9303	affected `n/a`
XEROX	ColorQube 8700/8900	affected `n/a`
XEROX	WorkCentre 6400	affected `n/a`
XEROX	Phaser 6700	affected `n/a`
XEROX	Phaser 7800	affected `n/a`
XEROX	WorkCentre 5735/5740/5745/5755/5765/5775/5790	affected `n/a`
XEROX	WorkCentre 7525/7530/7535/7545/7556	affected `n/a`
XEROX	WorkCentre 7755/7765/7775	affected `n/a`

Weaknesses (CWE)

CWE-259

CVSS v3.0 Details

CVSS v3.0 Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

High

Availability

High

References

https://airbus-seclab.github.io/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-10881

Description

Affected Products

Weaknesses (CWE)

CVSS v3.0 Details

References