CVE & CISA-KEV Catalog

CVE-2022-29588

HIGHEPSS 73th pctl
7.5
CVSS v3
NVD

Description

Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files.

How to fix

Remediation Available
bizhub 226i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 227 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 246i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 287 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 306i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 308 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 308e firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 367 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 368 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 368e firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 4052 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 458 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 458e firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 4752 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 558 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 558e firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 658e firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 758 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 808 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub 958 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c227 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c250i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c258 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c287 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c300i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c308 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c3300i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c3320i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c3350i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c3351 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c360i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c368 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c3851 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c3851fs firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c4000i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c4050i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c450i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c458 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c550i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c558 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c650i firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c658 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c659 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub c759 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD
bizhub pro958 firmwareNVD
Affected:< 2022-04-14Fixed in:2022-04-14CVE-2022-29588derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityNone
AvailabilityNone

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploit Intelligence

1.63%probability of exploitation in 30 days
73rdpercentile

Elevated risk: more likely to be exploited than 73% of all known CVEs.

References

Related Vulnerabilities

Other CWE-522 vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2019-17662Critical9.897%--
CVE-2020-29583Critical9.890%KEV-
CVE-2021-30116Critical10.086%KEV + RansomFix
CVE-2024-44000Critical9.883%-Fix
CVE-2018-9160Critical9.877%--
CVE-2017-9248Critical9.875%KEVFix
Embed a live status badge for CVE-2022-29588
CVE-2022-29588 severity badge

Markdown

[![CVE-2022-29588](https://tridentstack.com/cve/badge/CVE-2022-29588.svg)](https://tridentstack.com/cve/CVE-2022-29588)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-29588"><img src="https://tridentstack.com/cve/badge/CVE-2022-29588.svg" alt="CVE-2022-29588"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.