Detections
Analytics
Xerox Document Centre Web Server Unspecified Unauthorized Access (XRX05-003)
high Nessus Plugin ID 18258
Language:
Synopsis
The remote web server is affected by an unauthorized access vulnerability.Description
According to its model number and software version, the remote host is a Xerox Document Centre or WorkCentre device with an embedded web server that could allow unauthorized access to the web server directory structure, which in turn could enable a remote attacker to gain access rights and to make unauthorized changes to the device's system configuration.Solution
Apply the P16 or P21 patches as described in the Xerox bulletins.See Also
https://www.xerox.com/downloads/usa/en/c/cert_XRX05_003.pdf
https://www.xerox.com/downloads/usa/en/c/CERT_Xerox_Security_XRX04-09.pdf
Plugin Details
Severity: High
ID: 18258
File Name: xerox_xrx05_003.nasl
Version: 1.20
Type: remote
Family: Misc.
Published: 5/14/2005
Updated: 11/15/2018
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.3
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/h:xerox:workcentre, cpe:/h:xerox:document_centre
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 3/7/2005
Reference Information
CVE: CVE-2005-1936
BID: 12783