Vulnerabilities > CVE-2006-6430 - Multiple vulnerability in Xerox WorkCentre and WorkCentre Pro
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
NONE Availability impact
NONE Summary
Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 do not require HTTPS, which allows remote attackers to obtain sensitive information by sniffing the unencrypted HTTP traffic.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Hardware | 12 |
Nessus
NASL family | Misc. |
NASL id | XEROX_XRX06_006.NASL |
description | According to its model number and software version, the remote host is a Xerox WorkCentre device that reportedly suffers from multiple issues such as command injection and information disclosure vulnerabilities. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 23751 |
published | 2006-12-01 |
reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/23751 |
title | Xerox WorkCentre Multiple Vulnerabilities (XRX06-006) |