4.9

CVE-2006-6438

EPSS 0.06%
Published 10.12.2006 11:28:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 leaves sensitive user data in http.log after an Immediate Image Overwrite (IIO), which allows local users to obtain the data by reading the http.log file.

Affected products Warnungen 0 Metrics 2 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Xerox ≫ Workcentre 232

Xerox ≫ Workcentre 232 Editionpro

Xerox ≫ Workcentre 238

Xerox ≫ Workcentre 238 Editionpro

Xerox ≫ Workcentre 245

Xerox ≫ Workcentre 245 Editionpro

Xerox ≫ Workcentre 255

Xerox ≫ Workcentre 255 Editionpro

Xerox ≫ Workcentre 265

Xerox ≫ Workcentre 265 Editionpro

Xerox ≫ Workcentre 275

Xerox ≫ Workcentre 275 Editionpro

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.2

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:C/I:N/A:N

http://secunia.com/advisories/23265

Vendor Advisory

http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf

https://nvd.nist.gov/vuln/detail/CVE-2006-6438

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-6438

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-6438

EUVD