VDB
CVE-2023-49993
CVE-2023-49993
PUBLISHED
CVSS 8.699999809265137 HIGH
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
EPSS 0.02% · 6.0th percentile
Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.02%
6.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xerox | Xerox FreeFlow Print Server v9 | |
| Xerox | Xerox FreeFlow Print Server v7 | |
| Amazon | Amazon Linux 2 |
Timeline
- Dec 12, 2023 CVE Published
- Dec 13, 2023 EPSS Score
- Jan 2, 2024 PoC Published
- Jan 11, 2024 EPSS Score
- Feb 9, 2024 EPSS Score
- Mar 10, 2024 EPSS Score
- Apr 8, 2024 EPSS Score
- May 7, 2024 EPSS Score
- Jun 5, 2024 EPSS Score
- Jul 4, 2024 EPSS Score
- Aug 3, 2024 EPSS Score
- Sep 1, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1248.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1248 advisory
- https://security.business.xerox.com/wp-content/uploads/2024/05/Xerox-Security-Bulletin-XRX24-010-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v7.pdf advisory
- https://alas.aws.amazon.com/AL2/ALAS-2024-2688.html advisory
- https://securitydocs.business.xerox.com/wp-content/uploads/2024/11/Xerox-Security-Bulletin-XRX24-017-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf advisory