CVE-2022-26904 — Vulnetix

CVE-2022-26904 PUBLISHED KEV

In Xerox FreeFlow Print Server gibt es mehrere Schwachstellen in verschiedenen Komponenten. Insbesondere ist der Server anfällig für die Schwachstelle "PRINTNIGHTMARE". Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.

EPSS 23.00% · 96.0th percentile

Risk Scores

EPSS Score

23.00%

96.0th percentile

Affected Products

Vendor	Product	Versions
Xerox	Xerox FreeFlow Print Server v2
Xerox	Xerox FreeFlow Print Server 9

Exploit Intelligence

https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
CIRCL seen: CVE-2022-26904 (circl-sighting)
CIRCL seen: CVE-2022-26904 (circl-sighting)
CIRCL seen: CVE-2022-26904 (circl-sighting)
CIRCL seen: CVE-2022-26904 (circl-sighting)
CIRCL seen: CVE-2022-26904 (circl-sighting)
CIRCL seen: CVE-2022-26904 (circl-sighting)
CIRCL seen: CVE-2022-26904 (circl-sighting)
CIRCL exploited: CVE-2022-26904 (circl-sighting)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26904 (circl)

…and 29 more exploits

Timeline

Mar 28, 2022 VulnCheck KEV Exploitation
Apr 5, 2022 VulnCheck KEV Exploitation
Apr 11, 2022 PoC Published
Apr 12, 2022 PoC Published
Apr 12, 2022 CVE Published
Apr 13, 2022 PoC Published
Apr 16, 2022 EPSS Score
Apr 25, 2022 CISA KEV Added
Apr 27, 2022 EPSS Score
Mar 7, 2023 EPSS Score
Jun 14, 2023 PoC Published
Aug 30, 2023 EPSS Score

References

Open in Interactive Console →