CVE-2006-6440

Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allow remote attackers to have an unspecified impact via unspecified vectors relating to "HTTP Security issues."

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/23265	Vendor Advisory
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf
http://secunia.com/advisories/23265	Vendor Advisory
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:xerox:workcentre_232::::::::
	cpe:2.3:h:xerox:workcentre_232:::pro:::::*
	cpe:2.3:h:xerox:workcentre_238::::::::
	cpe:2.3:h:xerox:workcentre_238:::pro:::::*
	cpe:2.3:h:xerox:workcentre_245::::::::
	cpe:2.3:h:xerox:workcentre_245:::pro:::::*
	cpe:2.3:h:xerox:workcentre_255::::::::
	cpe:2.3:h:xerox:workcentre_255:::pro:::::*
	cpe:2.3:h:xerox:workcentre_265::::::::
	cpe:2.3:h:xerox:workcentre_265:::pro:::::*
	cpe:2.3:h:xerox:workcentre_275::::::::
	cpe:2.3:h:xerox:workcentre_275:::pro:::::*

History

21 Nov 2024, 00:22

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/23265 - Vendor Advisory~~	() http://secunia.com/advisories/23265 - Vendor Advisory
References	~~() http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf -~~	() http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf -

Information

Published : 2006-12-10 11:28

Updated : 2025-04-09 00:30

NVD link : CVE-2006-6440

Mitre link : CVE-2006-6440

CVE.ORG link : CVE-2006-6440

JSON object : View

Products Affected

xerox

workcentre_245
workcentre_275
workcentre_238
workcentre_255
workcentre_265
workcentre_232

CWE

NVD-CWE-Other

{"id": "CVE-2006-6440", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-12-10T11:28:00.000", "references": [{"url": "http://secunia.com/advisories/23265", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/23265", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allow remote attackers to have an unspecified impact via unspecified vectors relating to \"HTTP Security issues.\""}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades no especificadas en Xerox WorkCentre y WorkCentre Pro anterior 12.050.03.000, 13.x anterior 13.050.03.000, y 14.x anterior 14.050.03.000 permite a atacantes remotos tener un impacto no especifico a trav\u00e9s de vectores no especificados relacionados con \"asuntos de seguridad HTTP\"."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_232:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24E761E4-0B6C-4C2A-BFCA-4CFC5620E91C"}, {"criteria": "cpe:2.3:h:xerox:workcentre_232:*:*:pro:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74245D08-446A-4988-BCFD-85509C4CE340"}, {"criteria": "cpe:2.3:h:xerox:workcentre_238:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12790FD1-DECA-4074-9458-3F88823190EF"}, {"criteria": "cpe:2.3:h:xerox:workcentre_238:*:*:pro:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88E2F705-B185-4211-B0CC-1E295E5B4471"}, {"criteria": "cpe:2.3:h:xerox:workcentre_245:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D7FE90B-21E6-4628-AD70-37BB9644CBD9"}, {"criteria": "cpe:2.3:h:xerox:workcentre_245:*:*:pro:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "573640FF-609D-4441-B7DD-3477F239A00E"}, {"criteria": "cpe:2.3:h:xerox:workcentre_255:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8204B5C0-0B87-48BD-9678-5101B048C135"}, {"criteria": "cpe:2.3:h:xerox:workcentre_255:*:*:pro:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A2128EF-5847-4097-84BC-5CAC270F1C10"}, {"criteria": "cpe:2.3:h:xerox:workcentre_265:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAE44F85-3F9A-45FC-A411-1D1B4C2E33D7"}, {"criteria": "cpe:2.3:h:xerox:workcentre_265:*:*:pro:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8FD8F59-E229-4138-9B85-7E15A80CF5DD"}, {"criteria": "cpe:2.3:h:xerox:workcentre_275:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92119B14-94C5-4D3D-811E-EB7336E39F3E"}, {"criteria": "cpe:2.3:h:xerox:workcentre_275:*:*:pro:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DC671C6-7444-4E3D-ACAB-8905A0DB40CB"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}