Configuration Attribute Modification in Xerox AltaLink Multifunction Printers
CVE-2021-28669

7.5HIGH

Key Information:

Vendor: Xerox
Status: Altalink B8045 Firmware
Vendor: CVE Published:; 29 March 2021

What is CVE-2021-28669?

Certain models of Xerox AltaLink Multifunction Printers prior to specified firmware versions allow users to change configuration settings without proper administrative privileges. This unauthorized modification can potentially lead to misconfigurations and expose sensitive data. Users must ensure their devices are updated to mitigate these risks and maintain secure operational integrity.

References

https://securitydocs.business.xerox.com/wp-content/upload...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 29, 2021
Vulnerability Reserved
Mar 18, 2021