Published: 03/01/2019 Updated: 03/10/2019

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The web application on Xerox AltaLink B80xx prior to 100.008.028.05200, C8030/C8035 prior to 100.001.028.05200, C8045/C8055 prior to 100.002.028.05200, and C8070 prior to 100.003.028.05200 allows unauthenticated command injection.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xerox altalink_c8030_firmware
xerox altalink_c8035_firmware
xerox altalink_c8045_firmware
xerox altalink_c8055_firmware
xerox altalink_c8070_firmware
xerox altalink_b8045_firmware
xerox altalink_b8055_firmware
xerox altalink_b8065_firmware
xerox altalink_b8075_firmware
xerox altalink_b8090_firmware

CWE-77 https://securitydocs.business.xerox.com/wp-content/uploads/2018/12/cert_Security_Mini_Bulletin_XRX18AL_for_ALB80xx-C80xx_v1.1.pdf https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-17172

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect