VDB
CVE-2022-24500
CVE-2022-24500
PUBLISHED
In Xerox FreeFlow Print Server gibt es mehrere Schwachstellen in verschiedenen Komponenten. Insbesondere ist der Server anfällig für die Schwachstelle "PRINTNIGHTMARE". Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.
EPSS 44.66% · 97.6th percentile
Risk Scores
EPSS Score
44.66%
97.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xerox | Xerox FreeFlow Print Server 9 | |
| Xerox | Xerox FreeFlow Print Server v2 |
Exploit Intelligence
- 0x7n6/CVE-2022-24500 (github-poc-repo)
- 0x7n6/CVE-2022-24500 (github-poc-repo)
- 0x7n6/CVE-2022-24500 (github-poc-repo)
- 0x7n6/CVE-2022-24500 (github-poc-repo)
- 0x7n6/CVE-2022-24500 (github-poc-repo)
- 0x7n6/CVE-2022-24500 (github-poc-repo)
- 0x7n6/CVE-2022-24500 (github-poc-repo)
- 0x7n6/CVE-2022-24500 (github-poc)
- 0x7n6/CVE-2022-24500 (github-poc)
- 0x7n6/CVE-2022-24500 (github-poc)
…and 8 more exploits
Timeline
- Apr 1, 2019 VulnCheck KEV Exploitation
- Jan 6, 2022 VulnCheck KEV Exploitation
- Apr 12, 2022 CVE Published
- Apr 16, 2022 EPSS Score
- May 19, 2022 EPSS Score
- Jul 18, 2022 EPSS Score
- Aug 31, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Aug 31, 2024 EPSS Score
- Sep 27, 2024 EPSS Score
- Oct 11, 2024 EPSS Score
- Nov 21, 2024 CVE Updated
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0838.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0838 advisory
- https://security.business.xerox.com/wp-content/uploads/2023/04/Xerox-Security-Bulletin-XRX23-005-Xerox%25C2%25AE-FreeFlow%25C2%25AE-Print-Server-v9.pdf advisory
- https://security.business.xerox.com/wp-content/uploads/2022/05/Xerox-Security-Bulletin-XRX22-010-FreeFlowPrint-Server-v2-Windows10.pdf advisory