CVE-2019-10881: Default hidden Privileged Account Vulnerability in multiple XEROX devices
First published: Tue Apr 13 2021(Updated: )
Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be disabled.
Credit: cert@airbus.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xerox Altalink B8045 Firmware | <103.008.010.14010 | |
| Xerox AltaLink B8045 | ||
| Xerox Altalink B8055 Firmware | <103.008.010.14010 | |
| Xerox Altalink B8055 | ||
| Xerox Altalink B8065 Firmware | <103.008.010.14010 | |
| Xerox Altalink B8065 | ||
| Xerox Altalink B8075 Firmware | <103.008.010.14010 | |
| Xerox Altalink B8075 | ||
| Xerox Altalink B8090 Firmware | <103.008.010.14010 | |
| Xerox Altalink B8090 | ||
| Xerox Altalink C8030 Firmware | <103.001.010.14010 | |
| Xerox Altalink C8030 | ||
| Xerox Altalink C8035 Firmware | <103.001.010.14010 | |
| Xerox AltaLink C8035 | ||
| Xerox Altalink C8045 Firmware | <103.002.010.14010 | |
| Xerox Altalink C8045 | ||
| Xerox Altalink C8055 Firmware | <103.002.010.14010 | |
| Xerox Altalink C8055 | ||
| Xerox Altalink C8070 Firmware | <103.003.010.14010 | |
| Xerox Altalink C8070 |
Remedy
No fix available for now.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-10881?
CVE-2019-10881 is a vulnerability in Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 that includes two accounts with weak hard-coded passwords, allowing unauthorized access.
How severe is CVE-2019-10881?
CVE-2019-10881 is considered critical with a severity rating of 9.8.
What is the CWE ID for CVE-2019-10881?
CVE-2019-10881 is associated with CWE IDs 798 and 259.
Are Xerox Altalink B8045/B8055/B8065/B8075/B8090 vulnerable to CVE-2019-10881?
Yes, Xerox Altalink B8045/B8055/B8065/B8075/B8090 devices with software releases before 103.xxx.030.32000 are vulnerable to CVE-2019-10881.
How can I fix CVE-2019-10881?
To fix CVE-2019-10881, update your Xerox AltaLink B8045/B8055/B8065/B8075/B8090 or AltaLink C8030/C8035/C8045/C8055/C8070 software to version 103.xxx.030.32000 or later.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/remedy
- agent/title
- agent/severity
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- agent/event
- vendor/xerox
- canonical/xerox altalink b8045 firmware
- canonical/xerox altalink b8045
- canonical/xerox altalink b8055 firmware
- canonical/xerox altalink b8055
- canonical/xerox altalink b8065 firmware
- canonical/xerox altalink b8065
- canonical/xerox altalink b8075 firmware
- canonical/xerox altalink b8075
- canonical/xerox altalink b8090 firmware
- canonical/xerox altalink b8090
- canonical/xerox altalink c8030 firmware
- canonical/xerox altalink c8030
- canonical/xerox altalink c8035 firmware
- canonical/xerox altalink c8035
- canonical/xerox altalink c8045 firmware
- canonical/xerox altalink c8045
- canonical/xerox altalink c8055 firmware
- canonical/xerox altalink c8055
- canonical/xerox altalink c8070 firmware
- canonical/xerox altalink c8070