CVE-2019-10881

Severity CVSS v4.0:
Pending analysis
Type:
CWE-798 Use of Hard-coded Credentials
Publication date:
13/04/2021
Last modified:
23/04/2021

Description

Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be disabled.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:xerox:altalink_b8045_firmware:*:*:*:*:*:*:*:* 103.008.010.14010 (excluding)
cpe:2.3:h:xerox:altalink_b8045:-:*:*:*:*:*:*:*
cpe:2.3:o:xerox:altalink_b8055_firmware:*:*:*:*:*:*:*:* 103.008.010.14010 (excluding)
cpe:2.3:h:xerox:altalink_b8055:-:*:*:*:*:*:*:*
cpe:2.3:o:xerox:altalink_b8065_firmware:*:*:*:*:*:*:*:* 103.008.010.14010 (excluding)
cpe:2.3:h:xerox:altalink_b8065:-:*:*:*:*:*:*:*
cpe:2.3:o:xerox:altalink_b8075_firmware:*:*:*:*:*:*:*:* 103.008.010.14010 (excluding)
cpe:2.3:h:xerox:altalink_b8075:-:*:*:*:*:*:*:*
cpe:2.3:o:xerox:altalink_b8090_firmware:*:*:*:*:*:*:*:* 103.008.010.14010 (excluding)
cpe:2.3:h:xerox:altalink_b8090:-:*:*:*:*:*:*:*
cpe:2.3:o:xerox:altalink_c8030_firmware:*:*:*:*:*:*:*:* 103.001.010.14010 (excluding)
cpe:2.3:h:xerox:altalink_c8030:-:*:*:*:*:*:*:*
cpe:2.3:o:xerox:altalink_c8035_firmware:*:*:*:*:*:*:*:* 103.001.010.14010 (excluding)
cpe:2.3:h:xerox:altalink_c8035:-:*:*:*:*:*:*:*
cpe:2.3:o:xerox:altalink_c8045_firmware:*:*:*:*:*:*:*:* 103.002.010.14010 (excluding)