icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Xerox Document Centre Authentication Bypass

High

Synopsis

The remote host is vulnerable to a flaw that allows for the bypassing of authentication.

Description

The remote host is running Xerox Document Centre, an administrative, web-based GUI to a Xerox device. This version is reportedly prone to a remote authentication bypass attack. While there are no details currently available, it is believed that remote anonymous users may be able to subvert the authentication mechanism in such a way as to gain administrative access to all or portions of the web server.

Solution

Upgrade or patch according to vendor recommendations.