1. Home
  2. CVE Database
  3. CVE-2019-18628
MEDIUM · 4.9

CVE-2019-18628

Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow a user with administrative privileges to tur...

Vulnerability Description

Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow a user with administrative privileges to turn off data encryption on the device, thus leaving it open to potential cryptographic information disclosure.

CVSS Score

4.9

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
XeroxAltalink B8045 Firmware< 103.008.010.14010
XeroxAltalink B8045-
XeroxAltalink B8055 Firmware< 103.008.010.14010
XeroxAltalink B8055-
XeroxAltalink B8065 Firmware< 103.008.010.14010
XeroxAltalink B8065-
XeroxAltalink B8075 Firmware< 103.008.010.14010
XeroxAltalink B8075-
XeroxAltalink B8090 Firmware< 103.008.010.14010
XeroxAltalink B8090-
XeroxAltalink C8030 Firmware< 103.001.010.14010
XeroxAltalink C8030-
XeroxAltalink C8035 Firmware< 103.001.010.14010
XeroxAltalink C8035-
XeroxAltalink C8045 Firmware< 103.002.010.14010
XeroxAltalink C8045-
XeroxAltalink C8055 Firmware< 103.002.010.14010
XeroxAltalink C8055-
XeroxAltalink C8070 Firmware< 103.003.010.14010
XeroxAltalink C8070-

References

FAQ

What is CVE-2019-18628?

CVE-2019-18628 is a vulnerability with a CVSS score of 4.9 (MEDIUM). Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow a user with administrative privileges to tur...

How severe is CVE-2019-18628?

CVE-2019-18628 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-18628?

Check the references section above for vendor advisories and patch information. Affected products include: Xerox Altalink B8045 Firmware, Xerox Altalink B8045, Xerox Altalink B8055 Firmware, Xerox Altalink B8055, Xerox Altalink B8065 Firmware.