Vulnerability Details CVE-2021-20877
Cross-site scripting vulnerability in Canon laser printers and small office multifunctional printers (LBP162L/LBP162, MF4890dw, MF269dw/MF265dw/MF264dw/MF262dw, MF249dw/MF245dw/MF244dw/MF242dw/MF232w, and MF229dw/MF224dw/MF222dw sold in Japan, imageCLASS MF Series (MF113W/MF212W/MF217W/MF227DW/MF229DW, MF232W/MF244DW/MF247DW/MF249DW, MF264DW/MF267DW/MF269DW/MF269DW VP, and MF4570DN/MF4570DW/MF4770N/MF4880DW/MF4890DW) and imageCLASS LBP Series (LBP113W/LBP151DW/LBP162DW ) sold in the US, and iSENSYS (LBP162DW, LBP113W, LBP151DW, MF269dw, MF267dw, MF264dw, MF113w, MF249dw, MF247dw, MF244dw, MF237w, MF232w, MF229dw, MF217w, MF212w, MF4780w, and MF4890dw) and imageRUNNER (2206IF, 2204N, and 2204F) sold in Europe) allows remote attackers to inject an arbitrary script via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.7%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 3.5
References
- https://cweb.canon.jp/e-support/info/211221xss.html
- https://jvn.jp/en/jp/JVN64806328/index.html
- https://jvn.jp/jp/JVN64806328/index.html
- https://www.canon-europe.com/support/product-security-latest-news/
- https://www.usa.canon.com/internet/portal/us/home/support/product-advisories/detail/Service-Notice-Canon-Laser-Printer-and-Small-Office-Multifunctional-Printer-related-to-cross-site-scripting
- https://cweb.canon.jp/e-support/info/211221xss.html
- https://jvn.jp/en/jp/JVN64806328/index.html
- https://jvn.jp/jp/JVN64806328/index.html
- https://www.canon-europe.com/support/product-security-latest-news/
- https://www.usa.canon.com/internet/portal/us/home/support/product-advisories/detail/Service-Notice-Canon-Laser-Printer-and-Small-Office-Multifunctional-Printer-related-to-cross-site-scripting
Products affected by CVE-2021-20877
-
cpe:2.3:h:canon:2204f:-
-
cpe:2.3:h:canon:2204n:-
-
cpe:2.3:h:canon:2206if:-
-
cpe:2.3:h:canon:lbp113w:-
-
cpe:2.3:h:canon:lbp151dw:-
-
cpe:2.3:h:canon:lbp162:-
-
cpe:2.3:h:canon:lbp162dw:-
-
cpe:2.3:h:canon:lbp162l:-
-
cpe:2.3:h:canon:mf113w:-
-
cpe:2.3:h:canon:mf212w:-
-
cpe:2.3:h:canon:mf217w:-
-
cpe:2.3:h:canon:mf222dw:-
-
cpe:2.3:h:canon:mf224dw:-
-
cpe:2.3:h:canon:mf227dw:-
-
cpe:2.3:h:canon:mf229dw:-
-
cpe:2.3:h:canon:mf232w:-
-
cpe:2.3:h:canon:mf237w:-
-
cpe:2.3:h:canon:mf242dw:-
-
cpe:2.3:h:canon:mf244dw:-
-
cpe:2.3:h:canon:mf245dw:-
-
cpe:2.3:h:canon:mf247dw:-
-
cpe:2.3:h:canon:mf249dw:-
-
cpe:2.3:h:canon:mf262dw:-
-
cpe:2.3:h:canon:mf264dw:-
-
cpe:2.3:h:canon:mf265dw:-
-
cpe:2.3:h:canon:mf267dw:-
-
cpe:2.3:h:canon:mf269dw:-
-
cpe:2.3:h:canon:mf269dw_vp:-
-
cpe:2.3:h:canon:mf4570dn:-
-
cpe:2.3:h:canon:mf4570dw:-
-
cpe:2.3:h:canon:mf4770n:-
-
cpe:2.3:h:canon:mf4780w:-
-
cpe:2.3:h:canon:mf4880dw:-
-
cpe:2.3:h:canon:mf4890dw:-