CVE-2021-28669
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and C8070 before 103.003.020.23120 provide the ability to set configuration attributes without administrative rights.
Affected (10)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 103.008.020.23120 |
| Running on/with | Platform Versions |
|---|---|
Xerox Altalink B8045 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 103.008.020.23120 |
| Running on/with | Platform Versions |
|---|---|
Xerox Altalink B8055 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 103.008.020.23120 |
| Running on/with | Platform Versions |
|---|---|
Xerox Altalink B8065 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 103.008.020.23120 |
| Running on/with | Platform Versions |
|---|---|
Xerox Altalink B8075 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 103.008.020.23120 |
| Running on/with | Platform Versions |
|---|---|
Xerox Altalink B8090 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 103.001.020.23120 |
| Running on/with | Platform Versions |
|---|---|
Xerox Altalink C8030 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 103.001.020.23120 |
| Running on/with | Platform Versions |
|---|---|
Xerox Altalink C8035 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 103.002.020.23120 |
| Running on/with | Platform Versions |
|---|---|
Xerox Altalink C8045 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 103.002.020.23120 |
| Running on/with | Platform Versions |
|---|---|
Xerox Altalink C8055 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 103.003.020.23120 |
| Running on/with | Platform Versions |
|---|---|
Xerox Altalink C8070 | All versions |
References (2)
Source: cve@mitre.org
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Timeline
No history available yet.