CVE-2021-28669

HIGH

Xerox AltaLink B80xx/C8030/C8035/C8045/C8055/C8070 < 103.008.020.23120 - Missing Authorization

Title source: llm
STIX 2.1

Description

Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and C8070 before 103.003.020.23120 provide the ability to set configuration attributes without administrative rights.

Scores

CVSS v3 7.5
EPSS 0.0079
EPSS Percentile 51.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-862
Status published
Products (10)
xerox/altalink_b8045_firmware < 103.008.020.23120
xerox/altalink_b8055_firmware < 103.008.020.23120
xerox/altalink_b8065_firmware < 103.008.020.23120
xerox/altalink_b8075_firmware < 103.008.020.23120
xerox/altalink_b8090_firmware < 103.008.020.23120
xerox/altalink_c8030_firmware < 103.001.020.23120
xerox/altalink_c8035_firmware < 103.001.020.23120
xerox/altalink_c8045_firmware < 103.002.020.23120
xerox/altalink_c8055_firmware < 103.002.020.23120
xerox/altalink_c8070_firmware < 103.003.020.23120
Published Mar 29, 2021
Tracked Since Feb 18, 2026