CVE-2006-6430
Severity Score
7.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 do not require HTTPS, which allows remote attackers to obtain sensitive information by sniffing the unencrypted HTTP traffic.
Servicios Web en Xerox WorkCentre y WorkCentre Pro anterior 12.060.17.000, 13.x anterior 13.060.17.000, y 14.x anterior 14.060.17.000 no requiere HTTPS, lo cual permite a un atacante remoto obtener información sensible a través de sniffing del tráfico no encriptado HTTP.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2006-12-09 CVE Reserved
- 2006-12-10 CVE Published
- 2023-10-14 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/21365 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2006/4791 | Vdb Entry | |
| http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/30679 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/23265 | 2017-07-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Xerox Search vendor "Xerox" | Workcentre 232 Search vendor "Xerox" for product "Workcentre 232" | * | - |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 232 Search vendor "Xerox" for product "Workcentre 232" | * | pro |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 238 Search vendor "Xerox" for product "Workcentre 238" | * | - |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 238 Search vendor "Xerox" for product "Workcentre 238" | * | pro |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 245 Search vendor "Xerox" for product "Workcentre 245" | * | - |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 245 Search vendor "Xerox" for product "Workcentre 245" | * | pro |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 255 Search vendor "Xerox" for product "Workcentre 255" | * | - |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 255 Search vendor "Xerox" for product "Workcentre 255" | * | pro |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 265 Search vendor "Xerox" for product "Workcentre 265" | * | - |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 265 Search vendor "Xerox" for product "Workcentre 265" | * | pro |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 275 Search vendor "Xerox" for product "Workcentre 275" | * | - |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 275 Search vendor "Xerox" for product "Workcentre 275" | * | pro |
Affected
| ||||||