
Thread: Security vulnerabilities in 412 version


  1. #1

    Security vulnerabilities in 412 version

    We recently updated to the version 412 firmware or version of the E10 Fiery. Since then our vulnerability scans are now seeing over 150 vulnerabilities on the device. Most are related to the PHP version used for the web code and the Apache version used, and many are related to the OpenSSL version on the system. I would also like to disable vulnerable SSL protocols like SSL v3 and require TLS 1.2, but I don't see options to do this. I have attached the vulnerability list to this post.

    Also, when the scans run, the scanning tests the shares the Fiery sets up and places a file on the Fiery open share. This causes a job to print that wastes about 30 pages of garbled content, since it is not in printer format. I don't need to allow people to upload a file to the Fiery or do any print-shop type of management of the jobs; people just print via the Windows printing share. So how can I properly disable the ability to drop a file into an FTP/share on the Fiery itself? I have tried disabling just about every print function minus LPD and Port 9100, and it still happens every time a scan is run.

    Where can I find the latest update?
    I tried to use the "Check for product update" link to see if there are fixes released, but that fails connecting to updates.efi.com, and we did verify it is not being blocked by a firewall or IDS. I tried outside our network, and that fails to find that site as well. (The 412 update was given to us by the vendor, but they can't seem to figure out how to secure this system either.) Is there an easy place to find the updates on the EFI site? I am used to finding a firmware download section, but am not seeing that on the site.

    In these days of massive hacking and security sensitivity, it would be nice if EFI started with a "secure from the start" methodology and then had people open the functions they require, rather than having the system be open by default and having to close all the open holes.

    I know EFI is not directly responsible for holes in Apache and PHP, but when they chose to package them in their product, they should have regular plans to release security updates to match their platform components' fixes.