CVE-2019-10881
published 2021-04-13CVE-2019-10881: Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with…
PriorityP353critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.99%
58.0th percentile
Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be disabled.
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xerox | altalink_b8045_b8055_b8065_b8075_b8090 | — | — |
| xerox | altalink_b8045_firmware | < 103.008.010.14010 | 103.008.010.14010 |
| xerox | altalink_b8055_firmware | < 103.008.010.14010 | 103.008.010.14010 |
| xerox | altalink_b8065_firmware | < 103.008.010.14010 | 103.008.010.14010 |
| xerox | altalink_b8075_firmware | < 103.008.010.14010 | 103.008.010.14010 |
| xerox | altalink_b8090_firmware | < 103.008.010.14010 | 103.008.010.14010 |
| xerox | altalink_c8030_c8035_c8045_c8055_c8070 | — | — |
| xerox | altalink_c8030_firmware | < 103.001.010.14010 | 103.001.010.14010 |
| xerox | altalink_c8035_firmware | < 103.001.010.14010 | 103.001.010.14010 |
| xerox | altalink_c8045_firmware | < 103.002.010.14010 | 103.002.010.14010 |
| xerox | altalink_c8055_firmware | < 103.002.010.14010 | 103.002.010.14010 |
| xerox | altalink_c8070_firmware | < 103.003.010.14010 | 103.003.010.14010 |
| xerox | colorqube_8700_8900 | — | — |
| xerox | colorqube_9301_9302_9303 | — | — |
| xerox | phaser_6700 | — | — |
| xerox | phaser_7800 | — | — |
| xerox | workcentre_3655 | — | — |
| xerox | workcentre_5735_5740_5745_5755_5765_5775_5790 | — | — |
| xerox | workcentre_5845_5855_5865_5875_5890 | — | — |
| xerox | workcentre_5945_5955 | — | — |
| xerox | workcentre_6400 | — | — |
| xerox | workcentre_6655 | — | — |
| xerox | workcentre_7220_7225 | — | — |
| xerox | workcentre_7525_7530_7535_7545_7556 | — | — |
| xerox | workcentre_7755_7765_7775 | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv3.09.4CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-04-13
Published