CVE-2021-20679

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

25/03/2021

Last modified:

01/04/2021

Description

Fuji Xerox multifunction devices and printers (DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort C7070/C6570/C5570/C4570/C3570/C3070/C7070G/C6570G/C5570G/C4570G/C3570G/C3070G, ApeosPort-VII C4421/C3321, ApeosPort C3060/C2560/C2060/C3060G/C2560G/C2060G, ApeosPort-VII CP4421, ApeosPort Print C5570, ApeosPort 5570/4570/5570G/4570G, ApeosPort 3560/3060/2560/3560G/3060G/2560G, ApeosPort-VII 5021/ 4021, ApeosPort-VII P5021, DocuPrint CP 555 d/505 d, DocuPrint P505 d, PrimeLink C9065/C9070, DocuPrint CP475AP, and DocuPrint P475AP) allow an attacker to cause a denial of service (DoS) condition and abnormal end (ABEND) of the affected products via sending a specially crafted command.

Impact

Vector 3.x

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS v3.1 Severity and Metrics:

Base Score: 7.50 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): None
Availability (A): High

Base Score 3.x

7.50

Severity 3.x

HIGH

Vector 2.0

AV:N/AC:L/Au:N/C:N/I:N/A:C CVSS v2.0 Severity and Metrics:

Base Score: 7.80 HIGH
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Attack Vector (AV): Network
Attack Complexity (AC): Low
Authentication (Au): None
Confidentiality (C): None
Integrity (I): None
Availability (A): Complete

Base Score 2.0

7.80

Severity 2.0

HIGH

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:o:fujixerox:docucentre-vii_c7773_firmware:-:::::::*
cpe:2.3:h:fujixerox:docucentre-vii_c7773:-:::::::*
cpe:2.3:o:fujixerox:docucentre-vii_c6673_firmware:-:::::::*
cpe:2.3:h:fujixerox:docucentre-vii_c6673:-:::::::*
cpe:2.3:o:fujixerox:docucentre-vii_c5573_firmware:-:::::::*
cpe:2.3:h:fujixerox:docucentre-vii_c5573:-:::::::*
cpe:2.3:o:fujixerox:docucentre-vii_c4473_firmware:-:::::::*
cpe:2.3:h:fujixerox:docucentre-vii_c4473:-:::::::*
cpe:2.3:o:fujixerox:docucentre-vii_c3373_firmware:-:::::::*
cpe:2.3:h:fujixerox:docucentre-vii_c3373:-:::::::*
cpe:2.3:o:fujixerox:docucentre-vii_c3372_firmware:-:::::::*
cpe:2.3:h:fujixerox:docucentre-vii_c3372:-:::::::*
cpe:2.3:o:fujixerox:docucentre-vii_c2273_firmware:-:::::::*
cpe:2.3:h:fujixerox:docucentre-vii_c2273:-:::::::*
cpe:2.3:o:fujixerox:apeosport_c2570_firmware:-:::::::*

To consult the complete list of CPE names with products and versions, see this page

CPE	From	Up to
cpe:2.3:o:fujixerox:docucentre-vii_c7773_firmware:-:::::::*
cpe:2.3:h:fujixerox:docucentre-vii_c7773:-:::::::*
cpe:2.3:o:fujixerox:docucentre-vii_c6673_firmware:-:::::::*
cpe:2.3:h:fujixerox:docucentre-vii_c6673:-:::::::*
cpe:2.3:o:fujixerox:docucentre-vii_c5573_firmware:-:::::::*
cpe:2.3:h:fujixerox:docucentre-vii_c5573:-:::::::*
cpe:2.3:o:fujixerox:docucentre-vii_c4473_firmware:-:::::::*
cpe:2.3:h:fujixerox:docucentre-vii_c4473:-:::::::*
cpe:2.3:o:fujixerox:docucentre-vii_c3373_firmware:-:::::::*
cpe:2.3:h:fujixerox:docucentre-vii_c3373:-:::::::*
cpe:2.3:o:fujixerox:docucentre-vii_c3372_firmware:-:::::::*
cpe:2.3:h:fujixerox:docucentre-vii_c3372:-:::::::*
cpe:2.3:o:fujixerox:docucentre-vii_c2273_firmware:-:::::::*
cpe:2.3:h:fujixerox:docucentre-vii_c2273:-:::::::*
cpe:2.3:o:fujixerox:apeosport_c2570_firmware:-:::::::*

CVE-2021-20679

Description

Impact

Vulnerable products and versions

References to Advisories, Solutions, and Tools