CVE-2021-28673 - OpenCVE

Xerox Phaser 6510 before 64.61.23 and 64.59.11 (Bridge), WorkCentre 6515 before 65.61.23 and 65.59.11 (Bridge), VersaLink B400 before 37.61.23 and 37.59.01 (Bridge), B405 before 38.61.23 and 38.59.01 (Bridge), B600/B610 before 32.61.23 and 32.59.01 (Bridge), B605/B615 before 33.61.23 and 33.59.01 (Bridge), B7025/30/35 before 58.61.23 and 58.59.11 (Bridge), C400 before 67.61.23 and 67.59.01 (Bridge), C405 before 68.61.23 and 68.59.01 (Bridge), C500/C600 before 61.61.23 and 61.59.01 (Bridge), C505/C605 before 62.61.23 and 62.59.11 (Bridge), C7000 before 56.61.23 and 56.59.01 (Bridge), C7020/25/30 before 57.61.23 and 57.59.01 (Bridge), C8000/C9000 before 70.61.23 and 70.59.01 (Bridge), allows remote attackers with "a weaponized clone file" to execute arbitrary commands in the Web User Interface.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Xerox	Phaser 6510 Phaser 6510 Firmware Versalink B400 Versalink B400 Firmware Versalink B405 Versalink B405 Firmware Versalink B600 Versalink B600 Firmware Versalink B605 Versalink B605 Firmware Versalink B610 Versalink B610 Firmware Versalink B615 Versalink B615 Firmware Versalink B7025 Versalink B7025 Firmware Versalink B7030 Versalink B7030 Firmware Versalink B7035 Versalink B7035 Firmware Versalink C400 Versalink C400 Firmware Versalink C405 Versalink C405 Firmware Versalink C500 Versalink C500 Firmware Versalink C505 Versalink C505 Firmware Versalink C600 Versalink C600 Firmware Versalink C605 Versalink C605 Firmware Versalink C7000 Versalink C7000 Firmware Versalink C7020 Versalink C7020 Firmware Versalink C7025 Versalink C7025 Firmware Versalink C7030 Versalink C7030 Firmware Versalink C8000 Versalink C8000 Firmware Versalink C9000 Versalink C9000 Firmware Workcentre 6515 Workcentre 6515 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:xerox:phaser_6510_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:phaser_6510:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:xerox:workcentre_6515_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:workcentre_6515:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:xerox:versalink_b400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b400:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:xerox:versalink_b405_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b405:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:xerox:versalink_b600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b600:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:xerox:versalink_b610_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b610:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:xerox:versalink_b605_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b605:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:xerox:versalink_b615_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b615:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:xerox:versalink_b7025_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b7025:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:xerox:versalink_b7030_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b7030:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:xerox:versalink_b7035_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b7035:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:xerox:versalink_c400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c400:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:xerox:versalink_c405_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c405:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:xerox:versalink_c500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c500:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:xerox:versalink_c600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c600:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:xerox:versalink_c505_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c505:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:xerox:versalink_c605_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c605:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:xerox:versalink_c7000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c7000:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:xerox:versalink_c7020_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c7020:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:xerox:versalink_c7025_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c7025:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:xerox:versalink_c7030_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c7030:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:xerox:versalink_c8000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c8000:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:xerox:versalink_c9000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c9000:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:xerox:phaser_6510_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:phaser_6510:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:xerox:workcentre_6515_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:workcentre_6515:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:xerox:versalink_b400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b400:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:xerox:versalink_b405_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b405:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:xerox:versalink_b610_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b610:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:xerox:versalink_b605_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b605:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:xerox:versalink_b615_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b615:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:xerox:versalink_b7025_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b7025:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:xerox:versalink_c400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c400:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:xerox:versalink_c405_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c405:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:xerox:versalink_c500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c500:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:xerox:versalink_c600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c600:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:xerox:versalink_c505_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c505:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:xerox:versalink_c605_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c605:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:xerox:versalink_c7000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c7000:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:xerox:versalink_c7020_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c7020:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:xerox:versalink_c7025_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c7025:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:xerox:versalink_c7030_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c7030:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:xerox:versalink_c8000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c8000:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:xerox:versalink_c9000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_c9000:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:xerox:versalink_b600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b600:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:xerox:versalink_b7030_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b7030:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:xerox:versalink_b7035_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:xerox:versalink_b7035:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://securitydocs.business.xerox.com/wp-content/uploads/2020/06/cert_Security_Mini_Bulletin_XRX20K_for_PH6510_WC6515_VLB4xx_C4xx_B6XX_B70xx_C5xx_C6xx_C7xxx.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-03-29T19:00:49

Updated: 2024-08-03T21:47:33.053Z

Reserved: 2021-03-18T00:00:00

Link: CVE-2021-28673

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-03-29T20:15:13.453

Modified: 2021-04-05T20:20:24.257

Link: CVE-2021-28673

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object