Configuration Attribute Modification in Xerox AltaLink Multifunction Printers
CVE-2021-28669
7.5HIGH
Summary
Certain models of Xerox AltaLink Multifunction Printers prior to specified firmware versions allow users to change configuration settings without proper administrative privileges. This unauthorized modification can potentially lead to misconfigurations and expose sensitive data. Users must ensure their devices are updated to mitigate these risks and maintain secure operational integrity.
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved