Shodan
Vulnerabilities
Vulnerable Software
Xerox:  Security Vulnerabilities
CVE-2006-6429
Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows attackers to modify certain configuration settings via unspecified vectors involving the "TFTP/BOOTP auto configuration option."
CVSS Score
5.0
EPSS Score
0.004
Published
2006-12-10
CVE-2006-6430
Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 do not require HTTPS, which allows remote attackers to obtain sensitive information by sniffing the unencrypted HTTP traffic.
CVSS Score
7.8
EPSS Score
0.004
Published
2006-12-10
CVE-2006-6431
Unspecified vulnerability in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows attackers to modify signatures of e-mail messages via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.003
Published
2006-12-10
CVE-2006-6432
Unspecified vulnerability in the Scan-to-mailbox feature in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows remote attackers to download certain files via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.004
Published
2006-12-10
CVE-2006-6433
Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 does not record accurate timestamps, which makes it easier for remote attackers to avoid detection when an audit tries to rely on these timestamps.
CVSS Score
5.0
EPSS Score
0.003
Published
2006-12-10
CVE-2006-6434
Unspecified vulnerability in the Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows remote attackers to bypass authentication controls via unknown vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2006-12-10
CVE-2006-6435
The SNMP implementation in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 does not generate authentication failure traps, which allows remote attackers to more easily gain system access and obtain sensitive information via a brute force attack.
CVSS Score
7.5
EPSS Score
0.008
Published
2006-12-10
CVE-2006-6436
Cross-site scripting (XSS) vulnerability in the Network controller in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows remote attackers to inject arbitrary web script or HTML via HTTP TRACE messages.
CVSS Score
6.8
EPSS Score
0.004
Published
2006-12-10
CVE-2006-6437
ops3-dmn in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows attackers to cause a denial of service (application crash and core dump) via a certain PS file.
CVSS Score
7.8
EPSS Score
0.004
Published
2006-12-10
CVE-2006-6438
Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 leaves sensitive user data in http.log after an Immediate Image Overwrite (IIO), which allows local users to obtain the data by reading the http.log file.
CVSS Score
4.9
EPSS Score
0.001
Published
2006-12-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved