CVE-2006-6471

Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 use weak permissions for certain files, which allows unspecified file access.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/23265	Patch Vendor Advisory
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:xerox:workcentre::::::::
	cpe:2.3:h:xerox:workcentre:::pro:::::*
	cpe:2.3:h:xerox:workcentre::::::::
	cpe:2.3:h:xerox:workcentre:::pro:::::*

History

No history.

Information

Published : 2006-12-11 18:28

Updated : 2023-12-10 10:40

NVD link : CVE-2006-6471

Mitre link : CVE-2006-6471

CVE.ORG link : CVE-2006-6471

JSON object : View

Products Affected

xerox

workcentre

CWE

NVD-CWE-Other

{"id": "CVE-2006-6471", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-12-11T18:28:00.000", "references": [{"url": "http://secunia.com/advisories/23265", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 use weak permissions for certain files, which allows unspecified file access."}, {"lang": "es", "value": "Xerox WorkCentre y WorkCentre Pro anterior a 12.050.03.000, 13.x anterior a 13.050.03.000, y 14.x anterior a 14.050.03.000 utiliza permisos d\u00e9biles para determinados archivos, lo cual permite acceso a archivos no especificados."}], "lastModified": "2008-09-05T21:14:49.597", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FC791FD-B20C-4428-82A0-0E8174B8AB03", "versionEndIncluding": "13.050.02.000"}, {"criteria": "cpe:2.3:h:xerox:workcentre:*:*:pro:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "628B8A80-E06B-4C8A-BC89-AAF760F28B89", "versionEndIncluding": "13.050.02.000"}, {"criteria": "cpe:2.3:h:xerox:workcentre:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9562CF49-A540-4EA5-9120-B7DC007ED78C", "versionEndIncluding": "14.050.02.000"}, {"criteria": "cpe:2.3:h:xerox:workcentre:*:*:pro:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F7027CD-45A4-4759-AAA4-6B069DD2ED38", "versionEndIncluding": "14.050.02.000"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}