Toshiba printers use XML communication for the API endpoint provided by the printer. For the endpoint, XML parsing library is used and it is vulnerable to a time-based blind XML External Entity (XXE) vulnerability. An attacker can DoS the printers. An attacker can exploit the XXE to retrieve information. As for the affected products/models/versions, see the reference URL.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Toshiba
Published: 2024-06-14T02:28:02.965Z
Updated: 2024-06-14T02:28:02.965Z
Reserved: 2024-02-21T02:11:53.250Z
Link: CVE-2024-27142
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-06-14T03:15:10.007
Modified: 2024-06-17T12:43:31.090
Link: CVE-2024-27142
JSON object: View
Redhat Information
No data.
CWE