CVE

Id
22534  
CVE No.
CVE-2006-6430  
Status
Candidate  
Description
Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 do not require HTTPS, which allows remote attackers to obtain sensitive information by sniffing the unencrypted HTTP traffic.  
Phase
Assigned (20061209)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
217642 22534 CVE-2006-6430 CONFIRM:http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf  View
217643 22534 CVE-2006-6430 BID:21365  View
217644 22534 CVE-2006-6430 URL:http://www.securityfocus.com/bid/21365  View
217645 22534 CVE-2006-6430 VUPEN:ADV-2006-4791  View
217646 22534 CVE-2006-6430 URL:http://www.vupen.com/english/advisories/2006/4791  View
217647 22534 CVE-2006-6430 SECUNIA:23265  View
217648 22534 CVE-2006-6430 URL:http://secunia.com/advisories/23265  View
217649 22534 CVE-2006-6430 XF:xerox-https-security-bypass(30679)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
61314 JVNDB-2006-003580 Xerox WorkCentre および WorkCentre Pro の Scan-to-mailbox 機能における特定のファイルをダウンロードされる脆弱性 Xerox WorkCentre および WorkCentre Pro の Scan-to-mailbox 機能には、特定のファイルをダウンロードされる脆弱性が存在します。 CVE-2006-6432 22534 5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-003580.html  View