Vulnerability Details CVE-2022-25342
An issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application is affected by Broken Access Control. It does not properly validate requests for access to data and functionality under the /mngset/authset path. By not verifying permissions for access to resources, it allows a potential attacker to view pages that are not allowed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.3%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 5.5
References
Products affected by CVE-2022-25342
-
cpe:2.3:h:olivetti:d-color_mf3555:-
-
cpe:2.3:o:olivetti:d-color_mf3555_firmware:2xd_s000.002.271