CVE-2006-6432

Unspecified vulnerability in the Scan-to-mailbox feature in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows remote attackers to download certain files via unspecified vectors.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/23265	Vendor Advisory
http://www.securityfocus.com/bid/21365
http://www.vupen.com/english/advisories/2006/4791
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf	Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/30678
http://secunia.com/advisories/23265	Vendor Advisory
http://www.securityfocus.com/bid/21365
http://www.vupen.com/english/advisories/2006/4791
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf	Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/30678

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:xerox:workcentre:12.060.17.000:::::::*
	cpe:2.3:h:xerox:workcentre:12.060.17.000::pro:::::
	cpe:2.3:h:xerox:workcentre:13.060.17.000:::::::*
	cpe:2.3:h:xerox:workcentre:13.060.17.000::pro:::::
	cpe:2.3:h:xerox:workcentre:14.060.17.000:::::::*
	cpe:2.3:h:xerox:workcentre:14.060.17.000::pro:::::

History

No history.

Information

Published : 2006-12-10 11:28

Updated : 2025-04-09 00:30

NVD link : CVE-2006-6432

Mitre link : CVE-2006-6432

CVE.ORG link : CVE-2006-6432

JSON object : View

Products Affected

xerox

workcentre

CWE

NVD-CWE-Other

{"id": "CVE-2006-6432", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-12-10T11:28:00.000", "references": [{"url": "http://secunia.com/advisories/23265", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/21365", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/4791", "source": "cve@mitre.org"}, {"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30678", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/23265", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/21365", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/4791", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30678", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Scan-to-mailbox feature in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows remote attackers to download certain files via unspecified vectors."}, {"lang": "es", "value": "Vulnerabildad no especificada en la caracter\u00edstica Scan-to-mailbox en Xerox WorkCentre y WorkCentre Pro anterior 12.060.17.000, 13.x anterior 13.060.17.000, y 14.x anterior 14.060.17.000 permite a un atacante remoto descargar ciertos archivos a trav\u00e9s de vectores no especificados."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre:12.060.17.000:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF9C033D-37D1-445F-B0FC-5B388805506D"}, {"criteria": "cpe:2.3:h:xerox:workcentre:12.060.17.000:*:pro:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "216F3E75-F438-4090-980E-E8E4895B7CA0"}, {"criteria": "cpe:2.3:h:xerox:workcentre:13.060.17.000:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA3716B1-3B5F-44A5-A5A2-ADA965536D02"}, {"criteria": "cpe:2.3:h:xerox:workcentre:13.060.17.000:*:pro:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A2E5932-2D90-48C2-93F7-D3040F872E35"}, {"criteria": "cpe:2.3:h:xerox:workcentre:14.060.17.000:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEFAD4E9-11AC-425D-A95C-9C722177A51C"}, {"criteria": "cpe:2.3:h:xerox:workcentre:14.060.17.000:*:pro:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EF56EDD-26FE-405B-9BAA-E5279E46FD32"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}