CVE-2021-20877

{"id": "CVE-2021-20877", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 1.7}]}, "published": "2022-02-08T11:15:07.663", "references": [{"url": "https://cweb.canon.jp/e-support/info/211221xss.html", "tags": ["Vendor Advisory"], "source": "vultures@jpcert.or.jp"}, {"url": "https://jvn.jp/en/jp/JVN64806328/index.html", "tags": ["Third Party Advisory"], "source": "vultures@jpcert.or.jp"}, {"url": "https://jvn.jp/jp/JVN64806328/index.html", "tags": ["Third Party Advisory"], "source": "vultures@jpcert.or.jp"}, {"url": "https://www.canon-europe.com/support/product-security-latest-news/", "tags": ["Vendor Advisory"], "source": "vultures@jpcert.or.jp"}, {"url": "https://www.usa.canon.com/internet/portal/us/home/support/product-advisories/detail/Service-Notice-Canon-Laser-Printer-and-Small-Office-Multifunctional-Printer-related-to-cross-site-scripting", "tags": ["Vendor Advisory"], "source": "vultures@jpcert.or.jp"}, {"url": "https://cweb.canon.jp/e-support/info/211221xss.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://jvn.jp/en/jp/JVN64806328/index.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://jvn.jp/jp/JVN64806328/index.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.canon-europe.com/support/product-security-latest-news/", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.usa.canon.com/internet/portal/us/home/support/product-advisories/detail/Service-Notice-Canon-Laser-Printer-and-Small-Office-Multifunctional-Printer-related-to-cross-site-scripting", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting vulnerability in Canon laser printers and small office multifunctional printers (LBP162L/LBP162, MF4890dw, MF269dw/MF265dw/MF264dw/MF262dw, MF249dw/MF245dw/MF244dw/MF242dw/MF232w, and MF229dw/MF224dw/MF222dw sold in Japan, imageCLASS MF Series (MF113W/MF212W/MF217W/MF227DW/MF229DW, MF232W/MF244DW/MF247DW/MF249DW, MF264DW/MF267DW/MF269DW/MF269DW VP, and MF4570DN/MF4570DW/MF4770N/MF4880DW/MF4890DW) and imageCLASS LBP Series (LBP113W/LBP151DW/LBP162DW ) sold in the US, and iSENSYS (LBP162DW, LBP113W, LBP151DW, MF269dw, MF267dw, MF264dw, MF113w, MF249dw, MF247dw, MF244dw, MF237w, MF232w, MF229dw, MF217w, MF212w, MF4780w, and MF4890dw) and imageRUNNER (2206IF, 2204N, and 2204F) sold in Europe) allows remote attackers to inject an arbitrary script via unspecified vectors."}, {"lang": "es", "value": "Una vulnerabilidad de tipo cross-site scripting en las impresoras l\u00e1ser y multifuncionales de peque\u00f1a oficina de Canon (LBP162L/LBP162, MF4890dw, MF269dw/MF265dw/MF264dw/MF262dw, MF249dw/MF245dw/MF244dw/MF242dw/MF232w, y MF229dw/MF224dw/MF222dw vendidos en Jap\u00f3n, la serie MF imageCLASS (MF113W/MF212W/MF217W/MF227DW/MF229DW, MF232W/MF244DW/MF247DW/MF249DW, MF264DW/MF267DW/MF269DW VP, y MF4570DN/MF4570DW/MF4770N/MF4880DW/MF4890DW) y la serie imageCLASS LBP (LBP113W/LBP151DW/LBP162DW ) vendidas en EE.UU., e iSENSYS (LBP162DW, LBP113W, LBP151DW, MF269dw, MF267dw, MF264dw, MF113w, MF249dw, MF247dw, MF244dw, MF237w, MF232w, MF229dw, MF217w, MF212w, MF4780w y MF4890dw) y imageRUNNER (2206IF, 2204N y 2204F) vendidos en Europa) permite a atacantes remotos inyectar un script arbitrario por medio de vectores no especificados"}], "lastModified": "2024-11-21T05:47:20.040", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:canon:2204f:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CE733C2-C168-44DB-A7CD-E843CA419DA4"}, {"criteria": "cpe:2.3:h:canon:2204n:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6136055F-640E-4270-AE5B-4DB7BCAD3A73"}, {"criteria": "cpe:2.3:h:canon:2206if:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96281AFA-FBFB-40D8-8462-EDF06654B68C"}, {"criteria": "cpe:2.3:h:canon:lbp113w:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DF50F0A-0B4C-4B5C-A3D8-2B8DA5266CA6"}, {"criteria": "cpe:2.3:h:canon:lbp151dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "249B2617-22D5-4E83-9AF9-ABE3280D5330"}, {"criteria": "cpe:2.3:h:canon:lbp162:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18D10A1A-31C7-4B7E-B571-BF794FE90453"}, {"criteria": "cpe:2.3:h:canon:lbp162dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8006A58-6A22-44A4-873A-8C88998B3B4E"}, {"criteria": "cpe:2.3:h:canon:lbp162l:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "862785C2-3F5F-45D6-8EAD-E81B08ED9745"}, {"criteria": "cpe:2.3:h:canon:mf113w:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10E9019D-689F-4438-AB63-0D3B4BC2D1CF"}, {"criteria": "cpe:2.3:h:canon:mf212w:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BFF65AB-5D73-487E-B4E0-E773922B953E"}, {"criteria": "cpe:2.3:h:canon:mf217w:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4660CAEC-C9E9-4081-A594-1C669D98B923"}, {"criteria": "cpe:2.3:h:canon:mf222dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF4B2D83-45E3-4D1C-8DD5-35750C20BE00"}, {"criteria": "cpe:2.3:h:canon:mf224dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98611A24-5F63-45E5-B028-1D4B0090B9B8"}, {"criteria": "cpe:2.3:h:canon:mf227dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "467B13AB-4F81-466E-8F04-2030A868451B"}, {"criteria": "cpe:2.3:h:canon:mf229dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C8B2246-BE16-4EA0-9B3D-1A3626BF37DB"}, {"criteria": "cpe:2.3:h:canon:mf232w:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A64DF80-8323-4DEF-991B-5657910E7504"}, {"criteria": "cpe:2.3:h:canon:mf237w:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC88D5BA-D54A-46AF-9F68-28BC78F1061C"}, {"criteria": "cpe:2.3:h:canon:mf242dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA3FD0C2-0030-45ED-A7E3-BCC91CD2EEAE"}, {"criteria": "cpe:2.3:h:canon:mf244dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2B39590-B870-43C0-A0E7-D293DCCBBA76"}, {"criteria": "cpe:2.3:h:canon:mf245dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "162D13F4-6CD5-4C31-B6A7-34AD1752BFE1"}, {"criteria": "cpe:2.3:h:canon:mf247dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2F8688C-F46F-4038-99F3-B2DBC0F6A4D3"}, {"criteria": "cpe:2.3:h:canon:mf249dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "314AC8CD-29AA-4F0C-88C0-7613645EE891"}, {"criteria": "cpe:2.3:h:canon:mf262dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C23914F-3BAB-4E5F-9AAC-C686554C2063"}, {"criteria": "cpe:2.3:h:canon:mf264dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49944C71-0486-4D6B-B5E4-98ED236A94B2"}, {"criteria": "cpe:2.3:h:canon:mf265dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5164A7F-7393-4986-82B6-73748E1DBE94"}, {"criteria": "cpe:2.3:h:canon:mf267dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEE6904A-EA34-40FA-96C8-B45068F73ED8"}, {"criteria": "cpe:2.3:h:canon:mf269dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6658823D-A276-40E2-B00C-E77583896D10"}, {"criteria": "cpe:2.3:h:canon:mf269dw_vp:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0A2F214-97CB-4998-8681-4D255169DCFE"}, {"criteria": "cpe:2.3:h:canon:mf4570dn:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E794B9A-280A-4DF6-BC52-9D225ABF2B88"}, {"criteria": "cpe:2.3:h:canon:mf4570dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E9494B2-AA76-4A03-B1A1-EA70CBC51F0B"}, {"criteria": "cpe:2.3:h:canon:mf4770n:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D210895-DA17-40DF-BFCF-2FF67BEA0A46"}, {"criteria": "cpe:2.3:h:canon:mf4780w:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6C2EFBD-6421-4027-9710-2FE3A5F631D5"}, {"criteria": "cpe:2.3:h:canon:mf4880dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CB9F5F9-1E67-4314-85BB-6209987FBCC0"}, {"criteria": "cpe:2.3:h:canon:mf4890dw:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F6C210A-329A-45CC-9165-77E37499E358"}], "operator": "OR"}]}], "sourceIdentifier": "vultures@jpcert.or.jp"}