CVE-2019-13170

Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement any mechanism to avoid CSRF attacks. Successful exploitation of this vulnerability can lead to the takeover of a local account on the device.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:xerox:phaser_3320_firmware:v53.006.16.000:*:*:*:*:*:*:*
cpe:2.3:h:xerox:phaser_3320:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-03-13 19:15

Updated : 2024-02-04 21:00


NVD link : CVE-2019-13170

Mitre link : CVE-2019-13170

CVE.ORG link : CVE-2019-13170


JSON object : View

Products Affected

xerox

  • phaser_3320_firmware
  • phaser_3320
CWE
CWE-352

Cross-Site Request Forgery (CSRF)