Security Advisory

CVE-2024-27142

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-06-14 02:28:02

Last updated 2025-02-13 17:41:21

Assigner Toshiba

State PUBLISHED

Description

Toshiba printers use XML communication for the API endpoint provided by the printer. For the endpoint, XML parsing library is used and it is vulnerable to a time-based blind XML External Entity (XXE) vulnerability. An attacker can DoS the printers. An attacker can exploit the XXE to retrieve information. As for the affected products/models/versions, see the reference URL.

← Browse all CVEs View on cve.org ↗