CVE Vulnerabilities

CVE-2006-6430

Published: Dec 10, 2006 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:C/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 do not require HTTPS, which allows remote attackers to obtain sensitive information by sniffing the unencrypted HTTP traffic.

Affected Software

Name Vendor Start Version End Version
Workcentre_255 Xerox * *
Workcentre_245 Xerox * *
Workcentre_238 Xerox * *
Workcentre_232 Xerox * *
Workcentre_232 Xerox * *
Workcentre_265 Xerox * *
Workcentre_245 Xerox * *
Workcentre_238 Xerox * *
Workcentre_275 Xerox * *
Workcentre_255 Xerox * *
Workcentre_275 Xerox * *
Workcentre_265 Xerox * *

References