2020-03-19 22:29:45
mitre
PUBLISHED
The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to authentication bypass on the page /home.jsp. An unauthenticated attacker able to connect to the devices web interface can get a copy of the documents uploaded by any users. NOTE: this is fixed in the latest version.