CVE-2021-28668

CRITICAL

Xerox AltaLink B80xx/C80xx < 103.008.020.23120 - SQL Injection

Title source: llm
STIX 2.1

Description

Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and C8070 before 103.003.020.23120 has several SQL injection vulnerabilities.

Scores

CVSS v3 9.8
EPSS 0.0098
EPSS Percentile 58.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (10)
xerox/altalink_b8045_firmware < 103.008.020.23120
xerox/altalink_b8055_firmware < 103.008.020.23120
xerox/altalink_b8065_firmware < 103.008.020.23120
xerox/altalink_b8075_firmware < 103.008.020.23120
xerox/altalink_b8090_firmware < 103.008.020.23120
xerox/altalink_c8030_firmware < 103.001.020.23120
xerox/altalink_c8035_firmware < 103.001.020.23120
xerox/altalink_c8045_firmware < 103.002.020.23120
xerox/altalink_c8055_firmware < 103.002.020.23120
xerox/altalink_c8070_firmware < 103.003.020.23120
Published Mar 29, 2021
Tracked Since Feb 18, 2026