9.1критическая
CVE-2024-47406
Описание
Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability.
Затрагиваемое ПО
Toshibatec E-studio1058 firmwareToshibatec E-studio1058Toshibatec E-studio1208 firmwareToshibatec E-studio1208Toshibatec E-studio908 firmwareToshibatec E-studio908Sharp Bp-90c70 firmwareSharp Bp-90c70Sharp Bp-90c80 firmwareSharp Bp-90c80Sharp Bp-70c65 firmwareSharp Bp-70c65Sharp Bp-70c55 firmwareSharp Bp-70c55Sharp Bp-70c45 firmwareSharp Bp-70c45Sharp Bp-70c36 firmwareSharp Bp-70c36Sharp Bp-70c31 firmwareSharp Bp-70c31Sharp Bp-60c45 firmwareSharp Bp-60c45Sharp Bp-60c36 firmwareSharp Bp-60c36Sharp Bp-60c31 firmware
CVSS
| Балл | 9.1 — критическая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
Источники
https://global.sharp/products/copier/info/info_security_2024-10.htmlhttps://jvn.jp/en/vu/JVNVU95063136/https://www.toshibatec.com/information/20241025_01.html