{"containers":{"cna":{"affected":[{"product":"AltaLink B8045/B8055/B8065/B8075/B8090","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"AltaLink C8030/C8035/C8045/C8055/C8070","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"WorkCentre 3655","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"WorkCentre 5845/5855/5865/5875/5890","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"WorkCentre 5945/5955","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"WorkCentre 6655","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"WorkCentre 7220/7225","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"WorkCentre 7830/7835/7845/7855","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"WorkCentre 7970","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"WorkCentre EC7836/EC7856","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"ColorQube 9301/9302/9303","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"ColorQube 8700/8900","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"WorkCentre 6400","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"Phaser 6700","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"Phaser 7800","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"WorkCentre 5735/5740/5745/5755/5765/5775/5790","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"WorkCentre 7525/7530/7535/7545/7556","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]},{"product":"WorkCentre 7755/7765/7775","vendor":"XEROX","versions":[{"status":"affected","version":"n/a"}]}],"credits":[{"lang":"en","value":"Raphaël Rigo from the Airbus Security Lab"}],"descriptions":[{"lang":"en","value":"Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be disabled."}],"metrics":[{"cvssV3_0":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.4,"baseSeverity":"CRITICAL","confidentialityImpact":"LOW","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H","version":"3.0"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-259","description":"CWE-259 Use of Hard-coded Password","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-04-13T20:58:01.000Z","orgId":"24a3c815-5f22-4d74-967a-30958d6466f4","shortName":"airbus"},"references":[{"tags":["x_refsource_MISC"],"url":"https://airbus-seclab.github.io/"}],"solutions":[{"lang":"en","value":"No fix available for now."}],"source":{"discovery":"INTERNAL"},"title":"Default hidden Privileged Account Vulnerability in multiple XEROX devices","workarounds":[{"lang":"en","value":"There no known workaround for now available."}],"x_generator":{"engine":"Vulnogram 0.0.6"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cert@airbus.com","ID":"CVE-2019-10881","STATE":"PUBLIC","TITLE":"Default hidden Privileged Account Vulnerability in multiple XEROX devices"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"AltaLink B8045/B8055/B8065/B8075/B8090","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"AltaLink C8030/C8035/C8045/C8055/C8070","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"WorkCentre 3655","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"WorkCentre 5845/5855/5865/5875/5890","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"WorkCentre 5945/5955","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"WorkCentre 6655","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"WorkCentre 7220/7225","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"WorkCentre 7830/7835/7845/7855","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"WorkCentre 7970","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"WorkCentre EC7836/EC7856","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"ColorQube 9301/9302/9303","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"ColorQube 8700/8900","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"WorkCentre 6400","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"Phaser 6700","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"Phaser 7800","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"WorkCentre 5735/5740/5745/5755/5765/5775/5790","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"WorkCentre 7525/7530/7535/7545/7556","version":{"version_data":[{"version_value":"n/a"}]}},{"product_name":"WorkCentre 7755/7765/7775","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"XEROX"}]}},"credit":[{"lang":"eng","value":"Raphaël Rigo from the Airbus Security Lab"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be disabled."}]},"generator":{"engine":"Vulnogram 0.0.6"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.4,"baseSeverity":"CRITICAL","confidentialityImpact":"LOW","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H","version":"3.0"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-259 Use of Hard-coded Password"}]}]},"references":{"reference_data":[{"name":"https://airbus-seclab.github.io/","refsource":"MISC","url":"https://airbus-seclab.github.io/"}]},"solution":[{"lang":"en","value":"No fix available for now."}],"source":{"discovery":"INTERNAL"},"work_around":[{"lang":"en","value":"There no known workaround for now available."}]}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T22:32:02.132Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://airbus-seclab.github.io/"}]}]},"cveMetadata":{"assignerOrgId":"24a3c815-5f22-4d74-967a-30958d6466f4","assignerShortName":"airbus","cveId":"CVE-2019-10881","datePublished":"2021-04-13T20:58:01.000Z","dateReserved":"2019-04-05T00:00:00.000Z","dateUpdated":"2024-08-04T22:32:02.132Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}