CVSS: 7.8EPSS: 0%CPEs: 152EXPL: 0CVE-2021-20679
https://notcve.org/view.php?id=CVE-2021-20679
Fuji Xerox multifunction devices and printers (DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort C7070/C6570/C5570/C4570/C3570/C3070/C7070G/C6570G/C5570G/C4570G/C3570G/C3070G, ApeosPort-VII C4421/C3321, ApeosPort C3060/C2560/C2060/C3060G/C2560G/C2060G, ApeosPort-VII CP4421, ApeosPort Print C5570, ApeosPort 5570/4570/5570G/4570G, ApeosPort 3560/3060/2560/3560G/3060G/2560G, ApeosPort-VII 5021/ 4021, ApeosPort-VII P5021, DocuPrint CP 555 d/505 d, DocuPrint P505 d, PrimeLink C9065/C9070, DocuPrint CP475AP, and DocuPrint P475AP) allow an attacker to cause a denial of service (DoS) condition and abnormal end (ABEND) of the affected products via sending a specially crafted command. Dispositivos multifunción e impresoras Fuji Xerox (DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort C7070/C6570/C5570/C4570/C3570/C3070/C7070G/C6570G/C5570G/C4570G/C3570G/C3070G, ApeosPort-VII C4421/C3321, ApeosPort C3060/C2560/C2060/C3060G/C2560G/C2060G, ApeosPort-VII CP4421, ApeosPort Print C5570, ApeosPort 5570/4570/5570G/4570G, ApeosPort 3560/3060/2560/3560G/3060G/2560G, ApeosPort-VII 5021/ 4021, ApeosPort-VII P5021, DocuPrint CP 555 d/505 d, DocuPrint P505 d, PrimeLink C9065/C9070, DocuPrint CP475AP, and DocuPrint P475AP), permiten a un atacante causar una condición de denegación de servicio (DoS) y una finalización anormal (ABEND) de los productos afectados por medio del envío de un comando especialmente diseñado • https://jvn.jp/en/jp/JVN37607293/index.html https://www.fujixerox.co.jp/company/news/notice/2021/0319_announce.html https://www.fujixerox.com/eng/company/news/notice/2021/0319_announce.html •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2020-5526
https://notcve.org/view.php?id=CVE-2020-5526
The AWMS Mobile App for Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2.0.8 does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. La AWMS Mobile App para Android versiones 2.0.0 hasta 2.0.5 y para iOS versiones 2.0.0 hasta 2.0.8, no verifica los certificados X.509 de los servidores, lo que permite a los atacantes de tipo man-in-the-middle falsificar servidores y obtener información confidencial por medio de un certificado diseñado. • http://jvn.jp/en/jp/JVN00014057/index.html http://onlinesupport.fujixerox.com/processDriverForm.do?ctry_code=SG&lang_code=en&d_lang=en&corp_pid=AWMS2&rts=null&model=ApeosWare+Management+Suite+2&type_id=7&oslist=Windows+10+64bit&lang_list=en • CWE-295: Improper Certificate Validation •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-5522
https://notcve.org/view.php?id=CVE-2020-5522
The kantan netprint App for Android 2.0.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. La aplicación kantan netprint para Android versión 2.0.3 y anteriores, no comprueba los certificados X.509 de los servidores, lo que permite a atacantes de tipo man-in-the-middle falsificar servidores y obtener información confidencial por medio de un certificado diseñado. • http://jvn.jp/en/jp/JVN66435380/index.html https://www.printing.ne.jp/support/information/AppVulnerability.html • CWE-295: Improper Certificate Validation •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-5521
https://notcve.org/view.php?id=CVE-2020-5521
The kantan netprint App for iOS 2.0.2 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. La aplicación kantan netprint para iOS versión 2.0.2 y anteriores, no comprueba los certificados X.509 de los servidores, lo que permite a atacantes de tipo man-in-the-middle falsificar servidores y obtener información confidencial por medio de un certificado diseñado. • http://jvn.jp/en/jp/JVN66435380/index.html https://www.printing.ne.jp/support/information/AppVulnerability.html • CWE-295: Improper Certificate Validation •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-5520
https://notcve.org/view.php?id=CVE-2020-5520
The netprint App for iOS 3.2.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. La aplicación netprint para iOS versión 3.2.3 y anteriores, no comprueba los certificados X.509 de los servidores, lo que permite a atacantes de tipo man-in-the-middle falsificar servidores y obtener información confidencial por medio de un certificado diseñado. • http://jvn.jp/en/jp/JVN66435380/index.html https://www.printing.ne.jp/support/information/AppVulnerability.html • CWE-295: Improper Certificate Validation •