Xerox ColorQube 8570 / 8870 Multiple Vulnerabilities (XRX15OA)

medium Nessus Plugin ID 86710

Synopsis

The remote multi-function device is affected by multiple vulnerabilities.

Description

According to its model number and software version, the remote host is a Xerox ColorQube device that is affected by multiple vulnerabilities:

- An information disclosure vulnerability exists in the bundled version of OpenSSL due to a flaw in the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that allows nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076)

- A denial of service vulnerability exists in the bundled version of OpenSSL due to a recursion flaw in the DTLS functionality. A remote attacker can exploit this, via a specially crafted request, to crash the DTLS client application. (CVE-2014-0221)

- An unspecified error exists in the bundled version of OpenSSL due to a flaw in the handshake process. A remote attacker can exploit this, via a crafted handshake, to force the client or server to use weak keying material, allowing simplified man-in-the-middle attacks. (CVE-2014-0224)

- A denial of service vulnerability exists in the bundled version of OpenSSL due to an unspecified flaw related to the ECDH ciphersuite. Note that this issue only affects OpenSSL TLS clients. (CVE-2014-3470)

- A cross-site scripting vulnerability exists due to improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session.

Solution

Upgrade to firmware version PS 4.76.0 and net controller version 43.90.10.14.2015.

See Also

http://www.nessus.org/u?15fd6bad

https://www.openssl.org/news/secadv/20140605.txt

http://ccsinjection.lepidum.co.jp/

https://www.imperialviolet.org/2014/06/05/earlyccs.html

Plugin Details

Severity: Medium

ID: 86710

File Name: xerox_xrx15ao_colorqube.nasl

Version: 1.6

Type: remote

Family: Misc.

Published: 11/3/2015

Updated: 11/20/2019

Dependencies: xerox_colorqube_detect.nbin

Risk Information

CVSS Score Source: CVE-2014-0224

VPR

Risk Factor: High

Score: 7.7

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Temporal Vector: E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/h:xerox:colorqube

Required KB Items: www/xerox_colorqube, www/xerox_colorqube/model, www/xerox_colorqube/ess, www/xerox_colorqube/ps

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/14/2015

Vulnerability Publication Date: 2/24/2014

Exploitable With

Core Impact

Reference Information

CVE: CVE-2014-0076, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470

BID: 66363, 67898, 67899, 67901

CERT: 978508