VDB
CVE-2023-51765
CVE-2023-51765
PUBLISHED
CVSS 8.699999809265137 HIGH
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
EPSS 0.84% · 75.0th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.84%
75.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xerox | Xerox FreeFlow Print Server v9 | |
| Open Source | Open Source sendmail | |
| Open Source | Open Source Postfix <3.9 | |
| Ubuntu | Ubuntu Linux | |
| IBM | IBM AIX 7.3 | |
| Xerox | Xerox FreeFlow Print Server v7 | |
| IBM | IBM AIX 7.2 | |
| Fedora | Fedora Linux | |
| IBM | IBM VIOS 3.1 | |
| Open Source | Open Source Exim | |
| IBM | IBM VIOS 4.1 | |
| Dell | Dell NetWorker | |
| SUSE | SUSE Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Debian | Debian Linux | |
| EMC | EMC Avamar | |
| Amazon | Amazon Linux 2 |
Exploit Intelligence
- CIRCL seen: CVE-2023-51765 (circl-sighting)
- CIRCL seen: CVE-2023-51765 (circl-sighting)
- CIRCL seen: CVE-2023-51765 (circl-sighting)
- CIRCL seen: CVE-2023-51765 (circl-sighting)
- https://www.youtube.com/watch?v=V8KPV96g1To (nist-nvd)
- CIRCL seen: CVE-2023-51765 (circl-sighting)
- https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html (circl)
- https://www.openwall.com/lists/oss-security/2023/12/22/7 (circl)
- https://www.openwall.com/lists/oss-security/2023/12/21/7 (circl)
- https://github.com/freebsd/freebsd-src/commit/5dd76dd0cc19450133aa379ce0ce4a68ae07fb39#diff-afdf514b32ac88004952c11660c57bc96c3d8b2234007c1cbd8d7ed7fd7935cc (circl)
…and 18 more exploits
Timeline
- Dec 24, 2023 CVE Published
- Dec 24, 2023 EPSS Score
- Dec 24, 2023 PoC Published
- Jan 4, 2024 PoC Published
- Jan 4, 2024 PoC Published
- Jan 5, 2024 PoC Published
- Jan 5, 2024 PoC Published
- Jan 18, 2024 PoC Published
- Jan 22, 2024 EPSS Score
- Mar 20, 2024 EPSS Score
- Apr 17, 2024 EPSS Score
- May 16, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1248.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1248 advisory
- https://security.business.xerox.com/wp-content/uploads/2024/05/Xerox-Security-Bulletin-XRX24-010-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v7.pdf advisory
- https://alas.aws.amazon.com/AL2/ALAS-2024-2688.html advisory
- https://securitydocs.business.xerox.com/wp-content/uploads/2024/11/Xerox-Security-Bulletin-XRX24-017-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3206.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3206 advisory
- https://lists.debian.org/debian-lts-announce/2024/01/msg00002.html advisory
- https://ubuntu.com/security/notices/USN-6611-1 advisory
- https://lists.debian.org/debian-lts-announce/2024/01/msg00020.html advisory
- https://ubuntu.com/security/notices/USN-6591-2 advisory
- https://alas.aws.amazon.com/ALAS-2024-1914.html advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2255563 advisory
- https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/ advisory
- https://www.mail-archive.com/postfix-users@postfix.org/msg100901.html advisory
- https://github.com/advisories/GHSA-j5jm-hg4x-w8rx advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2255852 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2255869 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017566.html advisory
- https://alas.aws.amazon.com/ALAS-2024-1908.html advisory
…and 19 more