Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 do not require HTTPS, which allows remote attackers to obtain sensitive information by sniffing the unencrypted HTTP traffic.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:22
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/23265 - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/21365 - | |
References | () http://www.vupen.com/english/advisories/2006/4791 - | |
References | () http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/30679 - |
Information
Published : 2006-12-10 11:28
Updated : 2024-11-21 00:22
NVD link : CVE-2006-6430
Mitre link : CVE-2006-6430
CVE.ORG link : CVE-2006-6430
JSON object : View
Products Affected
xerox
- workcentre_245
- workcentre_232
- workcentre_238
- workcentre_275
- workcentre_255
- workcentre_265
CWE