Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement any mechanism to avoid CSRF attacks. Successful exploitation of this vulnerability can lead to the takeover of a local account on the device.
References
Link | Resource |
---|---|
https://security.business.xerox.com/ | Vendor Advisory |
https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-03-13T18:18:33
Updated: 2020-03-13T18:18:33
Reserved: 2019-07-02T00:00:00
Link: CVE-2019-13170
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-03-13T19:15:14.993
Modified: 2020-03-17T20:52:47.430
Link: CVE-2019-13170
JSON object: View
Redhat Information
No data.
CWE