{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-04T04:04:34.961","vulnerabilities":[{"cve":{"id":"CVE-2019-10880","sourceIdentifier":"cert@airbus.com","published":"2019-04-12T18:29:01.177","lastModified":"2026-06-17T02:11:46.760","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Within multiple XEROX products a vulnerability allows remote command execution on the Linux system, as the \"nobody\" user through a crafted \"HTTP\" request (OS Command Injection vulnerability in the HTTP interface). Depending upon configuration authentication may not be necessary."},{"lang":"es","value":"En múltiples productos XEROX, una vulnerabilidad permite la ejecución remota de comandos en el sistema Linux, como el usuario \"nobody\", a través de una petición \"HTTP\" modificada (vulnerabilidad de inyección de comandos en el sistema operativo en la interfaz HTTP). Dependiendo de la configuración, la autenticación puede no ser necesaria."}],"affected":[{"source":"cert@airbus.com","affectedData":[{"vendor":"XEROX","product":"AltaLink B8045/B8055/B8065/B8075/B8090","versions":[{"version":"unspecified","lessThanOrEqual":"101.008.008.27400","versionType":"custom","status":"unknown"}]},{"vendor":"XEROX","product":"AltaLink C8030/C8035/C8045/C8055/C8070","versions":[{"version":"unspecified","lessThanOrEqual":"101.001.008.27400","versionType":"custom","status":"unknown"}]},{"vendor":"XEROX","product":"WorkCentre 3655","versions":[{"version":"unspecified","lessThanOrEqual":"073.060.075.34540","versionType":"custom","status":"unknown"}]},{"vendor":"XEROX","product":"WorkCentre 5845/5855/5865/5875/5890","versions":[{"version":"unspecified","lessThanOrEqual":"073.190.075.34540","versionType":"custom","status":"unknown"}]},{"vendor":"XEROX","product":"WorkCentre 5945/5955","versions":[{"version":"unspecified","lessThanOrEqual":"073.091.075.34540","versionType":"custom","status":"unknown"}]},{"vendor":"XEROX","product":"WorkCentre 6655","versions":[{"version":"unspecified","lessThanOrEqual":"073.110.075.34540","versionType":"custom","status":"unknown"}]},{"vendor":"XEROX","product":"WorkCentre 7220/7225","versions":[{"version":"unspecified","lessThanOrEqual":"073.030.075.34540","versionType":"custom","status":"unknown"}]},{"vendor":"XEROX","product":"WorkCentre 7830/7835/7845/7855","versions":[{"version":"unspecified","lessThanOrEqual":"073.010.075.34540","versionType":"custom","status":"unknown"}]},{"vendor":"XEROX","product":"WorkCentre 7970","versions":[{"version":"unspecified","lessThanOrEqual":"073.200.075.34540","versionType":"custom","status":"unknown"}]},{"vendor":"XEROX","product":"WorkCentre EC7836/EC7856","versions":[{"version":"unspecified","lessThanOrEqual":"073.020.167.17200","versionType":"custom","status":"unknown"}]},{"vendor":"XEROX","product":"ColorQube 9301/9302/9303","versions":[{"version":"unspecified","lessThan":"072.xxx.009.07200","versionType":"custom","status":"affected"}]},{"vendor":"XEROX","product":"ColorQube 8700/8900","versions":[{"version":"unspecified","lessThan":"072.xxx.009.07200","versionType":"custom","status":"affected"}]},{"vendor":"XEROX","product":"WorkCentre 6400","versions":[{"version":"unspecified","lessThanOrEqual":"061.070.100.24201","versionType":"custom","status":"unknown"}]},{"vendor":"XEROX","product":"Phaser 6700","versions":[{"version":"unspecified","lessThanOrEqual":"081.140.103.22600","versionType":"custom","status":"unknown"}]},{"vendor":"XEROX","product":"Phaser 7800","versions":[{"version":"unspecified","lessThanOrEqual":"081.150.103.05600","versionType":"custom","status":"unknown"}]},{"vendor":"XEROX","product":"WorkCentre 5735/5740/5745/5755/5765/5775/5790","versions":[{"version":"unspecified","lessThanOrEqual":"061.132.221.21403","versionType":"custom","status":"unknown"}]},{"vendor":"XEROX","product":"WorkCentre 7525/7530/7535/7545/7556","versions":[{"version":"unspecified","lessThanOrEqual":"061.121.224.18803","versionType":"custom","status":"unknown"}]},{"vendor":"XEROX","product":"WorkCentre 7755/7765/7775","versions":[{"version":"unspecified","lessThanOrEqual":"061.090.220.19700","versionType":"custom","status":"unknown"}]}]}],"metrics":{"cvssMetricV30":[{"source":"cert@airbus.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cert@airbus.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:xerox:colorqube_8700_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"072.161.009.07200","matchCriteriaId":"D2CDCD57-1A53-41C3-AE50-4EFAD1F8E636"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:xerox:colorqube_8700:-:*:*:*:*:*:*:*","matchCriteriaId":"2764BB3A-9201-49C4-9774-C8906FE14741"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:xerox:colorqube_8900_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"072.161.009.07200","matchCriteriaId":"1FB5A103-83B9-4684-9B11-04C9A9001354"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:xerox:colorqube_8900:-:*:*:*:*:*:*:*","matchCriteriaId":"59018173-83A8-4389-8AE2-BB987144C1A5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:xerox:colorqube_9301_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"072.180.009.07200","matchCriteriaId":"E24AA3BC-06CC-4D61-9A43-939B6289F7C4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:xerox:colorqube_9301:-:*:*:*:*:*:*:*","matchCriteriaId":"99B41C5B-0045-49E8-B34D-67FD42449B44"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:xerox:colorqube_9302_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"072.180.009.07200","matchCriteriaId":"727615E8-7289-4B06-89C2-3B9D0597C8D9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:xerox:colorqube_9302:-:*:*:*:*:*:*:*","matchCriteriaId":"A20F7D5C-7187-40E3-8C3F-3F70729AF2CE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:xerox:colorqube_9303_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"072.180.009.07200","matchCriteriaId":"58960946-14EF-4FDB-9735-C0B1060384C9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:xerox:colorqube_9303:-:*:*:*:*:*:*:*","matchCriteriaId":"847E973A-3C1A-4969-B6BD-E56CC49BC7AD"}]}]}],"references":[{"url":"https://airbus-seclab.github.io/","source":"cert@airbus.com","tags":["Not Applicable"]},{"url":"https://securitydocs.business.xerox.com/wp-content/uploads/2019/04/cert_Security_Mini_Bulletin_XRX19C_for_CQ8700_CQ8900_CQ93xx.pdf","source":"cert@airbus.com","tags":["Vendor Advisory"]},{"url":"https://airbus-seclab.github.io/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://securitydocs.business.xerox.com/wp-content/uploads/2019/04/cert_Security_Mini_Bulletin_XRX19C_for_CQ8700_CQ8900_CQ93xx.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}