VDB
CVE-2024-20999
CVE-2024-20999
PUBLISHED
CVSS 8.699999809265137 HIGH
In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Schwachstellen in unter anderem OpenJDK, Apache und Mozilla Firefox. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
EPSS 0.11% · 29.4th percentile
Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.11%
29.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Oracle Systems 8.8 | |
| Oracle | Oracle Systems 2.5 | |
| Amazon | Amazon Linux 2 | |
| Xerox | Xerox FreeFlow Print Server v7 | |
| Xerox | Xerox FreeFlow Print Server v9 | |
| Oracle | Oracle Systems 4 | |
| Oracle | Oracle Systems 11 |
Timeline
- Apr 16, 2024 CVE Published
- Apr 17, 2024 EPSS Score
- May 12, 2024 EPSS Score
- Jun 6, 2024 EPSS Score
- Jul 1, 2024 EPSS Score
- Jul 25, 2024 EPSS Score
- Aug 19, 2024 EPSS Score
- Sep 13, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 8, 2024 EPSS Score
- Nov 2, 2024 EPSS Score
- Nov 27, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0888.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0888 advisory
- https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixSUNS advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1248.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1248 advisory
- https://security.business.xerox.com/wp-content/uploads/2024/05/Xerox-Security-Bulletin-XRX24-010-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v7.pdf advisory
- https://alas.aws.amazon.com/AL2/ALAS-2024-2688.html advisory
- https://securitydocs.business.xerox.com/wp-content/uploads/2024/11/Xerox-Security-Bulletin-XRX24-017-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf advisory