CVE-2006-6438
Severity Score
4.9
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 leaves sensitive user data in http.log after an Immediate Image Overwrite (IIO), which allows local users to obtain the data by reading the http.log file.
Xerox WorkCentre y WorkCentre Pro anterior 12.050.03.000, 13.x anterior 13.050.03.000, y 14.x anterior 14.050.03.000 deja datos de usuario en http.log después de un Immediate Image Overwrite (IIO), lo cual permite a un usuario local obtener datos a través de la lectura del fichero http.log
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2006-12-09 CVE Reserved
- 2006-12-10 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/23265 | 2008-09-10 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Xerox Search vendor "Xerox" | Workcentre 232 Search vendor "Xerox" for product "Workcentre 232" | * | - |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 232 Search vendor "Xerox" for product "Workcentre 232" | * | pro |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 238 Search vendor "Xerox" for product "Workcentre 238" | * | - |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 238 Search vendor "Xerox" for product "Workcentre 238" | * | pro |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 245 Search vendor "Xerox" for product "Workcentre 245" | * | - |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 245 Search vendor "Xerox" for product "Workcentre 245" | * | pro |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 255 Search vendor "Xerox" for product "Workcentre 255" | * | - |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 255 Search vendor "Xerox" for product "Workcentre 255" | * | pro |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 265 Search vendor "Xerox" for product "Workcentre 265" | * | - |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 265 Search vendor "Xerox" for product "Workcentre 265" | * | pro |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 275 Search vendor "Xerox" for product "Workcentre 275" | * | - |
Affected
| ||||||
| Xerox Search vendor "Xerox" | Workcentre 275 Search vendor "Xerox" for product "Workcentre 275" | * | pro |
Affected
| ||||||