ГлавнаяУязвимости → CVE-2024-47005
8.1высокая

CVE-2024-47005

Описание

Sharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by administrative users only, but insufficiently restricted. A non-administrative user may execute some configuration APIs.

Затрагиваемое ПО
Toshibatec E-studio1058 firmwareToshibatec E-studio1058Toshibatec E-studio1208 firmwareToshibatec E-studio1208Toshibatec E-studio908 firmwareToshibatec E-studio908Sharp Bp-90c70 firmwareSharp Bp-90c70Sharp Bp-90c80 firmwareSharp Bp-90c80Sharp Bp-70c65 firmwareSharp Bp-70c65Sharp Bp-70c55 firmwareSharp Bp-70c55Sharp Bp-70c45 firmwareSharp Bp-70c45Sharp Bp-70c36 firmwareSharp Bp-70c36Sharp Bp-70c31 firmwareSharp Bp-70c31Sharp Bp-60c45 firmwareSharp Bp-60c45Sharp Bp-60c36 firmwareSharp Bp-60c36Sharp Bp-60c31 firmware
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Источники
https://global.sharp/products/copier/info/info_security_2024-10.htmlhttps://jvn.jp/en/vu/JVNVU95063136/https://www.toshibatec.com/information/20241025_01.html