Security Advisory

CVE-2019-10880

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-04-12 17:37:54

Last updated 2024-08-04 22:32:02

Assigner airbus

State PUBLISHED

Description

Within multiple XEROX products a vulnerability allows remote command execution on the Linux system, as the "nobody" user through a crafted "HTTP" request (OS Command Injection vulnerability in the HTTP interface). Depending upon configuration authentication may not be necessary.

← Browse all CVEs View on cve.org ↗