Toshiba printers use XML communication for the API endpoint provided by the printer. For the endpoint, XML parsing library is used and it is vulnerable to a time-based blind XML External Entity (XXE) vulnerability. An attacker can DoS the printers. An attacker can exploit the XXE to retrieve information. As for the affected products/models/versions, see the reference URL.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Toshiba

Published: 2024-06-14T02:28:02.965Z

Updated: 2024-08-02T00:27:59.056Z

Reserved: 2024-02-21T02:11:53.250Z

Link: CVE-2024-27142

cve-icon Vulnrichment

Updated: 2024-08-02T00:27:59.056Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-06-14T03:15:10.007

Modified: 2024-11-21T09:03:56.237

Link: CVE-2024-27142

cve-icon Redhat

No data.