CVE-2010-0548

critical

Description

Multiple unspecified vulnerabilities in the Network Controller and Web Server in Xerox WorkCentre 5632, 5638, 5645, 5655, 5665, 5675, and 5687 allow remote attackers to (1) access mailboxes via unknown vectors that bypass Scan to Mailbox authorization or (2) read device configuration information via via unknown vectors that bypass web server authorization.

References

http://www.xerox.com/downloads/usa/en/c/cert_XRX10-002_v1.0.pdf

http://www.vupen.com/english/advisories/2010/0209

http://secunia.com/advisories/38139

Details

Source: Mitre, NVD

Published: 2010-02-04

Updated: 2010-02-05

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical