7.5

CVE-2020-36201

An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices.

Data is provided by the National Vulnerability Database (NVD)
XeroxWorkcentre 3655 Firmware Version < 075.060.000.12010
   XeroxWorkcentre 3655 Version-
XeroxWorkcentre 3655i Firmware Version < 075.060.000.12010
   XeroxWorkcentre 3655i Version-
XeroxWorkcentre 5865 Firmware Version < 075.190.010.12010
   XeroxWorkcentre 5865 Version-
XeroxWorkcentre 5875 Firmware Version < 075.190.010.12010
   XeroxWorkcentre 5875 Version-
XeroxWorkcentre 5890 Firmware Version < 075.190.010.12010
   XeroxWorkcentre 5890 Version-
XeroxWorkcentre 5865i Firmware Version < 075.190.010.12010
   XeroxWorkcentre 5865i Version-
XeroxWorkcentre 5875i Firmware Version < 075.190.010.12010
   XeroxWorkcentre 5875i Version-
XeroxWorkcentre 5945 Firmware Version < 075.091.010.12010
   XeroxWorkcentre 5945 Version-
XeroxWorkcentre 5955 Firmware Version < 075.091.010.12010
   XeroxWorkcentre 5955 Version-
XeroxWorkcentre 5945i Firmware Version < 075.091.010.12010
   XeroxWorkcentre 5945i Version-
XeroxWorkcentre 5955i Firmware Version < 075.091.010.12010
   XeroxWorkcentre 5955i Version-
XeroxWorkcentre 6655 Firmware Version < 075.110.010.12010
   XeroxWorkcentre 6655 Version-
XeroxWorkcentre 6655i Firmware Version < 075.110.010.12010
   XeroxWorkcentre 6655i Version-
XeroxWorkcentre 7220 Firmware Version < 075.030.000.12010
   XeroxWorkcentre 7220 Version-
XeroxWorkcentre 7225 Firmware Version < 075.030.000.12010
   XeroxWorkcentre 7225 Version-
XeroxWorkcentre 7220i Firmware Version < 075.030.000.12010
   XeroxWorkcentre 7220i Version-
XeroxWorkcentre 7225i Firmware Version < 075.030.000.12010
   XeroxWorkcentre 7225i Version-
XeroxWorkcentre 7830i Firmware Version < 075.010.000.12010
   XeroxWorkcentre 7830i Version-
XeroxWorkcentre 7835i Firmware Version < 075.010.000.12010
   XeroxWorkcentre 7835i Version-
XeroxWorkcentre 7845i Firmware Version < 075.040.000.12010
   XeroxWorkcentre 7845i Version-
XeroxWorkcentre 7855i Firmware Version < 075.040.000.12010
   XeroxWorkcentre 7855i Version-
XeroxWorkcentre 7830 Firmware Version < 075.010.000.12010
   XeroxWorkcentre 7830 Version-
XeroxWorkcentre 7835 Firmware Version < 075.010.000.12010
   XeroxWorkcentre 7835 Version-
XeroxWorkcentre 7845 Firmware Version < 075.040.000.12010
   XeroxWorkcentre 7845 Version-
XeroxWorkcentre 7855 Firmware Version < 075.040.000.12010
   XeroxWorkcentre 7855 Version-
XeroxWorkcentre 7970 Firmware Version < 075.200.000.12010
   XeroxWorkcentre 7970 Version-
XeroxWorkcentre 7970i Firmware Version < 075.200.000.12010
   XeroxWorkcentre 7970i Version-
XeroxWorkcentre Ec7836 Firmware Version < 075.050.010.12010
   XeroxWorkcentre Ec7836 Version-
XeroxWorkcentre Ec7856 Firmware Version < 075.020.010.12010
   XeroxWorkcentre Ec7856 Version-
XeroxWorkcentre 5890i Firmware Version < 075.190.010.12010
   XeroxWorkcentre 5890i Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.15% 0.322
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.