Vulnerabilities > Xerox
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-13 | CVE-2019-13172 | Classic Buffer Overflow vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000 Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Authentication Cookie of the web application that would allow an attacker to execute arbitrary code on the device. | 10.0 |
2020-03-13 | CVE-2019-13171 | Out-of-bounds Write vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000 Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. | 10.0 |
2020-03-13 | CVE-2019-13170 | Cross-Site Request Forgery (CSRF) vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000 Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement any mechanism to avoid CSRF attacks. | 4.3 |
2020-03-13 | CVE-2019-13169 | Classic Buffer Overflow vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000 Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Content-Type HTTP Header of the web application that would allow an attacker to execute arbitrary code on the device. | 10.0 |
2020-03-13 | CVE-2019-13168 | Classic Buffer Overflow vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000 Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the attributes parser of the IPP service. | 10.0 |
2020-03-13 | CVE-2019-13167 | Cross-site Scripting vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000 Multiple Stored XSS vulnerabilities were found in the Xerox Web Application, used by the Phaser 3320 V53.006.16.000 and other printers. | 4.3 |
2020-03-13 | CVE-2019-13166 | Improper Restriction of Excessive Authentication Attempts vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000 Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement account lockout. | 5.0 |
2020-03-13 | CVE-2019-13165 | Classic Buffer Overflow vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000 Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the request parser of the IPP service. | 10.0 |
2020-02-21 | CVE-2020-9330 | Insufficiently Protected Credentials vulnerability in Xerox products Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. | 4.0 |
2020-02-13 | CVE-2013-6362 | Use of Hard-coded Credentials vulnerability in Xerox products Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts. | 5.0 |