CVE-2019-18630
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
On Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200, portions of the drive containing executable code were not encrypted thus leaving it open to potential cryptographic information disclosure.
En las impresoras multifunción Xerox AltaLink B8045/B8055/B8065/B8075/B8090 y C8030/C8035/C8045/C8055/C8070 con versiones de software anteriores a 101.00x.099.28200, las partes de la unidad que contenían código ejecutable no se cifraron, por lo que quedaron abiertas a posibles cifrados de divulgación de información
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-10-30 CVE Reserved
- 2021-03-04 CVE Published
- 2023-11-18 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-312: Cleartext Storage of Sensitive Information
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Xerox Search vendor "Xerox" | Altalink B8045 Firmware Search vendor "Xerox" for product "Altalink B8045 Firmware" | < 103.008.010.14010 Search vendor "Xerox" for product "Altalink B8045 Firmware" and version " < 103.008.010.14010" | - |
Affected
| in | Xerox Search vendor "Xerox" | Altalink B8045 Search vendor "Xerox" for product "Altalink B8045" | - | - |
Safe
|
| Xerox Search vendor "Xerox" | Altalink B8055 Firmware Search vendor "Xerox" for product "Altalink B8055 Firmware" | < 103.008.010.14010 Search vendor "Xerox" for product "Altalink B8055 Firmware" and version " < 103.008.010.14010" | - |
Affected
| in | Xerox Search vendor "Xerox" | Altalink B8055 Search vendor "Xerox" for product "Altalink B8055" | - | - |
Safe
|
| Xerox Search vendor "Xerox" | Altalink B8065 Firmware Search vendor "Xerox" for product "Altalink B8065 Firmware" | < 103.008.010.14010 Search vendor "Xerox" for product "Altalink B8065 Firmware" and version " < 103.008.010.14010" | - |
Affected
| in | Xerox Search vendor "Xerox" | Altalink B8065 Search vendor "Xerox" for product "Altalink B8065" | - | - |
Safe
|
| Xerox Search vendor "Xerox" | Altalink B8075 Firmware Search vendor "Xerox" for product "Altalink B8075 Firmware" | < 103.008.010.14010 Search vendor "Xerox" for product "Altalink B8075 Firmware" and version " < 103.008.010.14010" | - |
Affected
| in | Xerox Search vendor "Xerox" | Altalink B8075 Search vendor "Xerox" for product "Altalink B8075" | - | - |
Safe
|
| Xerox Search vendor "Xerox" | Altalink B8090 Firmware Search vendor "Xerox" for product "Altalink B8090 Firmware" | < 103.008.010.14010 Search vendor "Xerox" for product "Altalink B8090 Firmware" and version " < 103.008.010.14010" | - |
Affected
| in | Xerox Search vendor "Xerox" | Altalink B8090 Search vendor "Xerox" for product "Altalink B8090" | - | - |
Safe
|
| Xerox Search vendor "Xerox" | Altalink C8030 Firmware Search vendor "Xerox" for product "Altalink C8030 Firmware" | < 103.001.010.14010 Search vendor "Xerox" for product "Altalink C8030 Firmware" and version " < 103.001.010.14010" | - |
Affected
| in | Xerox Search vendor "Xerox" | Altalink C8030 Search vendor "Xerox" for product "Altalink C8030" | - | - |
Safe
|
| Xerox Search vendor "Xerox" | Altalink C8035 Firmware Search vendor "Xerox" for product "Altalink C8035 Firmware" | < 103.001.010.14010 Search vendor "Xerox" for product "Altalink C8035 Firmware" and version " < 103.001.010.14010" | - |
Affected
| in | Xerox Search vendor "Xerox" | Altalink C8035 Search vendor "Xerox" for product "Altalink C8035" | - | - |
Safe
|
| Xerox Search vendor "Xerox" | Altalink C8045 Firmware Search vendor "Xerox" for product "Altalink C8045 Firmware" | < 103.002.010.14010 Search vendor "Xerox" for product "Altalink C8045 Firmware" and version " < 103.002.010.14010" | - |
Affected
| in | Xerox Search vendor "Xerox" | Altalink C8045 Search vendor "Xerox" for product "Altalink C8045" | - | - |
Safe
|
| Xerox Search vendor "Xerox" | Altalink C8055 Firmware Search vendor "Xerox" for product "Altalink C8055 Firmware" | < 103.002.010.14010 Search vendor "Xerox" for product "Altalink C8055 Firmware" and version " < 103.002.010.14010" | - |
Affected
| in | Xerox Search vendor "Xerox" | Altalink C8055 Search vendor "Xerox" for product "Altalink C8055" | - | - |
Safe
|
| Xerox Search vendor "Xerox" | Altalink C8070 Firmware Search vendor "Xerox" for product "Altalink C8070 Firmware" | < 103.003.010.14010 Search vendor "Xerox" for product "Altalink C8070 Firmware" and version " < 103.003.010.14010" | - |
Affected
| in | Xerox Search vendor "Xerox" | Altalink C8070 Search vendor "Xerox" for product "Altalink C8070" | - | - |
Safe
|