{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T15:29:20.530","vulnerabilities":[{"cve":{"id":"CVE-2024-27141","sourceIdentifier":"ecc0f906-8666-484c-bcf8-c3b7520a72f0","published":"2024-06-14T03:15:09.700","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Toshiba printers use XML communication for the API endpoint provided by the printer. For the endpoint, XML parsing library is used and it is vulnerable to a time-based blind XML External Entity (XXE) vulnerability. An attacker can DoS the printers by sending a HTTP request without authentication. An attacker can exploit the XXE to retrieve information. As for the affected products/models/versions, see the reference URL."},{"lang":"es","value":"Las impresoras Toshiba utilizan comunicación XML para el endpoint API proporcionado por la impresora. Para el endpoint, se utiliza la biblioteca de análisis XML y es vulnerable a una vulnerabilidad de entidad externa XML ciega (XXE) basada en el tiempo. Un atacante puede hacer DoS en las impresoras enviando una solicitud HTTP sin autenticación. Un atacante puede explotar el XXE para recuperar información. En cuanto a los productos/modelos/versiones afectados, consulte la URL de referencia."}],"metrics":{"cvssMetricV31":[{"source":"ecc0f906-8666-484c-bcf8-c3b7520a72f0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6}]},"weaknesses":[{"source":"ecc0f906-8666-484c-bcf8-c3b7520a72f0","type":"Secondary","description":[{"lang":"en","value":"CWE-776"}]}],"references":[{"url":"http://seclists.org/fulldisclosure/2024/Jul/1","source":"ecc0f906-8666-484c-bcf8-c3b7520a72f0"},{"url":"https://jvn.jp/en/vu/JVNVU97136265/index.html","source":"ecc0f906-8666-484c-bcf8-c3b7520a72f0"},{"url":"https://www.toshibatec.com/information/20240531_01.html","source":"ecc0f906-8666-484c-bcf8-c3b7520a72f0"},{"url":"https://www.toshibatec.com/information/pdf/information20240531_01.pdf","source":"ecc0f906-8666-484c-bcf8-c3b7520a72f0"},{"url":"http://seclists.org/fulldisclosure/2024/Jul/1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://jvn.jp/en/vu/JVNVU97136265/index.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.toshibatec.com/information/20240531_01.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.toshibatec.com/information/pdf/information20240531_01.pdf","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}