Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement account lockout. Local account credentials may be extracted from the device via brute force guessing attacks.
References
Link | Resource |
---|---|
https://security.business.xerox.com/ | Vendor Advisory |
https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-03-13T18:33:54
Updated: 2020-03-13T18:33:54
Reserved: 2019-07-02T00:00:00
Link: CVE-2019-13166
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-03-13T19:15:14.587
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-13166
JSON object: View
Redhat Information
No data.
CWE