Xerox ColorQube Unspecified Remote Protocol Authorization Bypass (XRX13-008)

critical Nessus Plugin ID 70660

Synopsis

The remote multi-function device is affected by an authorization bypass vulnerability.

Description

According to its model number and software version, the remote host is a Xerox ColorQube device that is affected by an unspecified, remote protocol authorization bypass vulnerability.

Solution

Apply the appropriate cumulative update as described in the Xerox security bulletin in the referenced URL.

See Also

http://www.nessus.org/u?b0b8eade

Plugin Details

Severity: Critical

ID: 70660

File Name: xerox_xrx13-008_colorqube.nasl

Version: 1.6

Type: remote

Family: Misc.

Published: 10/28/2013

Updated: 1/2/2019

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/h:xerox:colorqube

Required KB Items: www/xerox_colorqube, www/xerox_colorqube/model, www/xerox_colorqube/ssw

Exploit Ease: No known exploits are available

Patch Publication Date: 10/21/2013

Vulnerability Publication Date: 10/21/2013

Reference Information

BID: 63270