CVE-2022-29587 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4 MEDIUM	PHYSICAL	HIGH	LOW	CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 29%

Vendor	Product	Version
konicaminolta	bizhub_226i_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_227_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_246i_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_287_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_306i_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_308_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_308e_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_367_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_368_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_368e_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_4052_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_458_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_458e_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_4752_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_558_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_558e_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_658e_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_758_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_808_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_958_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c227_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c250i_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c258_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c287_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c300i_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c308_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c3300i_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c3320i_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c3350i_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c3351_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c360i_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c368_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c3851_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c3851fs_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c4000i_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c4050i_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c450i_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c458_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c550i_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c558_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c650i_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c658_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c659_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_c759_firmware	𝑥 < 2022-04-14
konicaminolta	bizhub_pro958_firmware	𝑥 < 2022-04-14

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-269 - Improper Privilege Management
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References

https://sec-consult.com/vulnerability-lab/

https://sec-consult.com/vulnerability-lab/advisory/sandbox-escape-with-root-access-clear-text-passwords-in-konica-minolta-bizhub-mfp-printer-terminals/

https://sec-consult.com/vulnerability-lab/

https://sec-consult.com/vulnerability-lab/advisory/sandbox-escape-with-root-access-clear-text-passwords-in-konica-minolta-bizhub-mfp-printer-terminals/