Details of VAR-201810-1613

ID

VAR-201810-1613

TITLE

Command execution vulnerability in FUJI XEROX multi-series printer products

Trust: 0.6

sources: CNVD: CNVD-2018-18056

DESCRIPTION

FUJI XEROX ApeosPort-V 5070 and FUJI XEROX ApeosPort-V C3375 are printer products launched by Fuji Xerox. Command execution vulnerability exists in FUJI XEROX multi-series printer products. Attackers can use the vulnerability to execute commands, upload files, delete printer system files, and cause printer DOS.

Trust: 0.6

sources: CNVD: CNVD-2018-18056

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-18056

AFFECTED PRODUCTS

vendor:	xerox	model:	fujixerox apeosport-v	scope:	eq	version:	5070	Trust: 0.6
vendor:	xerox	model:	fujixerox apeosport-v c3375	scope:	-	version:	-	Trust: 0.6
vendor:	xerox	model:	fujixerox apeosport-v c4475	scope:	-	version:	-	Trust: 0.6
vendor:	xerox	model:	fujixerox apeosport-v c5576	scope:	-	version:	-	Trust: 0.6
vendor:	xerox	model:	fujixerox apeosport-vi c3371	scope:	-	version:	-	Trust: 0.6
vendor:	xerox	model:	fujixerox docucentre-iv c2263	scope:	-	version:	-	Trust: 0.6
vendor:	xerox	model:	fujixerox docucentre-v	scope:	eq	version:	3060	Trust: 0.6
vendor:	xerox	model:	fujixerox docucentre-v	scope:	eq	version:	3065	Trust: 0.6
vendor:	xerox	model:	fujixerox docucentre-v c2263	scope:	-	version:	-	Trust: 0.6
vendor:	xerox	model:	fujixerox docucentre-vi c2271	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2018-18056

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2018-18056
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2018-18056
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2018-18056

PATCH

title:

Command execution vulnerability in FUJI XEROX multi-series printer products

url:

https://www.cnvd.org.cn/patchinfo/show/139261

Trust: 0.6

sources: CNVD: CNVD-2018-18056

EXTERNAL IDS

db:

CNVD

id:

CNVD-2018-18056

Trust: 0.6

sources: CNVD: CNVD-2018-18056

SOURCES

db:

CNVD

id:

CNVD-2018-18056

LAST UPDATE DATE

2022-05-04T10:08:12.970000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2018-18056

date:

2018-09-10T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2018-18056

date:

2018-10-16T00:00:00