Lucene search

[email protected]NVD:CVE-2021-28672

HistoryMar 29, 2021 - 9:15 p.m.

CVE-2021-28672

2021-03-2921:15:13

CWE-120

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.007 Low

EPSS

Percentile

79.7%

JSON

Xerox Phaser 6510 before 64.65.51 and 64.59.11 (Bridge), WorkCentre 6515 before 65.65.51 and 65.59.11 (Bridge), VersaLink B400 before 37.65.51 and 37.59.01 (Bridge), B405 before 38.65.51 and 38.59.01 (Bridge), B600/B610 before 32.65.51 and 32.59.01 (Bridge), B605/B615 before 33.65.51 and 33.59.01 (Bridge), B7025/30/35 before 58.65.51 and 58.59.11 (Bridge), C400 before 67.65.51 and 67.59.01 (Bridge), C405 before 68.65.51 and 68.59.01 (Bridge), C500/C600 before 61.65.51 and 61.59.01 (Bridge), C505/C605 before 62.65.51 and 62.59.01 (Bridge), C7000 before 56.65.51 and 56.59.01 (Bridge), C7020/25/30 before 57.65.51 and 57.59.01 (Bridge), C8000/C9000 before 70.65.51 and 70.59.01 (Bridge), C8000W before 72.65.51 allows remote attackers to execute arbitrary code through a buffer overflow in Web page parameter handling.

Affected configurations

NVD

Node

xeroxphaser_6510_firmwareRange<64.59.11

AND

xeroxphaser_6510Match-

Node

xeroxworkcentre_6515_firmwareRange<65.59.11

AND

xeroxworkcentre_6515Match-

Node

xeroxversalink_b400_firmwareRange<37.59.01

AND

xeroxversalink_b400Match-

Node

xeroxversalink_b405_firmwareRange<38.59.01

AND

xeroxversalink_b405Match-

Node

xeroxversalink_b600_firmwareRange<32.59.01

AND

xeroxversalink_b600Match-

Node

xeroxversalink_b610_firmwareRange<32.59.01

AND

xeroxversalink_b610Match-

Node

xeroxversalink_b605_firmwareRange<33.59.01

AND

xeroxversalink_b605Match-

Node

xeroxversalink_b615_firmwareRange<33.59.01

AND

xeroxversalink_b615Match-

Node

xeroxversalink_b7025_firmwareRange<58.59.11

AND

xeroxversalink_b7025Match-

Node

xeroxversalink_b7030_firmwareRange<58.59.11

AND

xeroxversalink_b7030Match-

Node

xeroxversalink_b7035_firmwareRange<58.59.11

AND

xeroxversalink_b7035Match-

Node

xeroxversalink_c400_firmwareRange<67.59.01

AND

xeroxversalink_c400Match-

Node

xeroxversalink_c405_firmwareRange<68.59.01

AND

xeroxversalink_c405Match-

Node

xeroxversalink_c500_firmwareRange<61.59.01

AND

xeroxversalink_c500Match-

Node

xeroxversalink_c600_firmwareRange<61.59.01

AND

xeroxversalink_c600Match-

Node

xeroxversalink_c505_firmwareRange<62.59.01

AND

xeroxversalink_c505Match-

Node

xeroxversalink_c605_firmwareRange<62.59.01

AND

xeroxversalink_c605Match-

Node

xeroxversalink_c7000_firmwareRange<56.59.01

AND

xeroxversalink_c7000Match-

Node

xeroxversalink_c7020_firmwareRange<57.59.01

AND

xeroxversalink_c7020Match-

Node

xeroxversalink_c7025_firmwareRange<57.59.01

AND

xeroxversalink_c7025Match-

Node

xeroxversalink_c7030_firmwareRange<57.59.01

AND

xeroxversalink_c7030Match-

Node

xeroxversalink_c8000_firmwareRange<70.59.01

AND

xeroxversalink_c8000Match-

Node

xeroxversalink_c9000_firmwareRange<70.59.01

AND

xeroxversalink_c9000Match-

Node

xeroxphaser_6510_firmwareRange<64.65.51

AND

xeroxphaser_6510Match-

Node

xeroxworkcentre_6515_firmwareRange<65.65.51

AND

xeroxworkcentre_6515Match-

Node

xeroxversalink_b400_firmwareRange<37.65.51

AND

xeroxversalink_b400Match-

Node

xeroxversalink_b405_firmwareRange<38.65.51

AND

xeroxversalink_b405Match-

Node

xeroxversalink_b610_firmwareRange<32.65.51

AND

xeroxversalink_b610Match-

Node

xeroxversalink_b605_firmwareRange<33.65.51

AND

xeroxversalink_b605Match-

Node

xeroxversalink_b615_firmwareRange<33.65.51

AND

xeroxversalink_b615Match-

Node

xeroxversalink_b7025_firmwareRange<58.65.51

AND

xeroxversalink_b7025Match-

Node

xeroxversalink_c400_firmwareRange<67.65.51

AND

xeroxversalink_c400Match-

Node

xeroxversalink_c405_firmwareRange<68.65.51

AND

xeroxversalink_c405Match-

Node

xeroxversalink_c500_firmwareRange<61.65.51

AND

xeroxversalink_c500Match-

Node

xeroxversalink_c600_firmwareRange<61.65.51

AND

xeroxversalink_c600Match-

Node

xeroxversalink_c505_firmwareRange<62.65.51

AND

xeroxversalink_c505Match-

Node

xeroxversalink_c605_firmwareRange<62.65.51

AND

xeroxversalink_c605Match-

Node

xeroxversalink_c7000_firmwareRange<56.65.51

AND

xeroxversalink_c7000Match-

Node

xeroxversalink_c7020_firmwareRange<57.65.51

AND

xeroxversalink_c7020Match-

Node

xeroxversalink_c7025_firmwareRange<57.65.51

AND

xeroxversalink_c7025Match-

Node

xeroxversalink_c7030_firmwareRange<57.65.51

AND

xeroxversalink_c7030Match-

Node

xeroxversalink_c8000_firmwareRange<70.65.51

AND

xeroxversalink_c8000Match-

Node

xeroxversalink_c9000_firmwareRange<70.65.51

AND

xeroxversalink_c9000Match-

Node

xeroxversalink_c8000w_firmwareRange<72.65.51

AND

xeroxversalink_c8000wMatch-

Node

xeroxversalink_b600_firmwareRange<32.65.51

AND

xeroxversalink_b600Match-

Node

xeroxversalink_b7030_firmwareRange<58.65.51

AND

xeroxversalink_b7030Match-

Node

xeroxversalink_b7035_firmwareRange<58.65.51

AND

xeroxversalink_b7035Match-

References

securitydocs.business.xerox.com/wp-content/uploads/2021/03/cert_Security_Mini_Bulletin_XRX21D_for_PH6510_WC6515_VersaLink-1.pdf

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.007 Low

EPSS

Percentile

79.7%

JSON

Related for NVD:CVE-2021-28672

cve1 cvelist1 prion1