CVE-2005-2200

Multiple unknown vulnerabilities in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allow attackers to bypass authentication.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/15970	Patch Vendor Advisory
http://securitytracker.com/id?1014429	Exploit Patch
http://www.xerox.com/downloads/usa/en/c/cert_XRX05_006.pdf	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:xerox:workcentre_2128:0.001.04.044::pro_color:::::
	cpe:2.3:h:xerox:workcentre_2128:0.001.04.504::pro_color:::::
	cpe:2.3:h:xerox:workcentre_2636:0.001.04.044::pro_color:::::
	cpe:2.3:h:xerox:workcentre_2636:0.001.04.504::pro_color:::::
	cpe:2.3:h:xerox:workcentre_3545:0.001.04.044::pro_color:::::
	cpe:2.3:h:xerox:workcentre_3545:0.001.04.504::pro_color:::::

History

No history.

Information

Published : 2005-07-11 04:00

Updated : 2023-12-10 10:28

NVD link : CVE-2005-2200

Mitre link : CVE-2005-2200

CVE.ORG link : CVE-2005-2200

JSON object : View

Products Affected

xerox

workcentre_3545
workcentre_2636
workcentre_2128

CWE

NVD-CWE-Other

{"id": "CVE-2005-2200", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2005-07-11T04:00:00.000", "references": [{"url": "http://secunia.com/advisories/15970", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1014429", "tags": ["Exploit", "Patch"], "source": "cve@mitre.org"}, {"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX05_006.pdf", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple unknown vulnerabilities in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allow attackers to bypass authentication."}], "lastModified": "2008-09-05T20:51:08.803", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_2128:0.001.04.044:*:pro_color:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA305D4F-4307-4043-A749-B6BA0B8A8492"}, {"criteria": "cpe:2.3:h:xerox:workcentre_2128:0.001.04.504:*:pro_color:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83C173B0-F30E-4AE6-9B1F-2D7C146EC620"}, {"criteria": "cpe:2.3:h:xerox:workcentre_2636:0.001.04.044:*:pro_color:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89D31C14-FC15-456F-A5A3-3DD081C87CBC"}, {"criteria": "cpe:2.3:h:xerox:workcentre_2636:0.001.04.504:*:pro_color:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD92B28A-F518-4056-90C8-6FEDE91E75F5"}, {"criteria": "cpe:2.3:h:xerox:workcentre_3545:0.001.04.044:*:pro_color:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FE28C1C-E8D2-4161-B441-26A70E6C9A78"}, {"criteria": "cpe:2.3:h:xerox:workcentre_3545:0.001.04.504:*:pro_color:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA63412F-EB3C-4D33-AFA2-01FCED65EF9C"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}