7.8

CVE-2006-6430

EPSS 0.44%
Published 10.12.2006 11:28:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 do not require HTTPS, which allows remote attackers to obtain sensitive information by sniffing the unencrypted HTTP traffic.

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Xerox ≫ Workcentre 232

Xerox ≫ Workcentre 232 Editionpro

Xerox ≫ Workcentre 238

Xerox ≫ Workcentre 238 Editionpro

Xerox ≫ Workcentre 245

Xerox ≫ Workcentre 245 Editionpro

Xerox ≫ Workcentre 255

Xerox ≫ Workcentre 255 Editionpro

Xerox ≫ Workcentre 265

Xerox ≫ Workcentre 265 Editionpro

Xerox ≫ Workcentre 275

Xerox ≫ Workcentre 275 Editionpro

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.44%	0.623

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:C/I:N/A:N

http://secunia.com/advisories/23265

Vendor Advisory

http://www.securityfocus.com/bid/21365

http://www.vupen.com/english/advisories/2006/4791

http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf

https://exchange.xforce.ibmcloud.com/vulnerabilities/30679

https://nvd.nist.gov/vuln/detail/CVE-2006-6430

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-6430

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-6430

EUVD