Vulnerability CVE-2010-0548
Published: 2010-02-04   Modified: 2012-02-13

Description:
Multiple unspecified vulnerabilities in the Network Controller and Web Server in Xerox WorkCentre 5632, 5638, 5645, 5655, 5665, 5675, and 5687 allow remote attackers to (1) access mailboxes via unknown vectors that bypass Scan to Mailbox authorization or (2) read device configuration information via via unknown vectors that bypass web server authorization.

Type:

CWE-200

 (Information Exposure)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Xerox -> Workcentre 5632 
Xerox -> Workcentre 5638 
Xerox -> Workcentre 5645 
Xerox -> Workcentre 5655 
Xerox -> Workcentre 5665 
Xerox -> Workcentre 5675 
Xerox -> Workcentre 5687 

 References:
http://www.xerox.com/downloads/usa/en/c/cert_XRX10-002_v1.0.pdf
http://www.vupen.com/english/advisories/2010/0209
http://secunia.com/advisories/38139
Copyright 2024, cxsecurity.com

 

Back to Top