CVE-2005-2200

Multiple unknown vulnerabilities in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allow attackers to bypass authentication.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.xerox.com/downloads/usa/en/c/cert_XRX05_006.pdf	Patch Vendor Advisory
http://securitytracker.com/id?1014429	Exploit Patch
http://secunia.com/advisories/15970	Patch Vendor Advisory

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:xerox:workcentre_2128:0.001.04.044::pro_color:::::
	cpe:2.3:h:xerox:workcentre_2128:0.001.04.504::pro_color:::::
	cpe:2.3:h:xerox:workcentre_2636:0.001.04.504::pro_color:::::
	cpe:2.3:h:xerox:workcentre_3545:0.001.04.504::pro_color:::::
	cpe:2.3:h:xerox:workcentre_2636:0.001.04.044::pro_color:::::
	cpe:2.3:h:xerox:workcentre_3545:0.001.04.044::pro_color:::::

Information

Published : 2005-07-10 21:00

Updated : 2008-09-05 13:51

NVD link : CVE-2005-2200

Mitre link : CVE-2005-2200

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

xerox

workcentre_2128
workcentre_3545
workcentre_2636

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX05_006.pdf", "name": "http://www.xerox.com/downloads/usa/en/c/cert_XRX05_006.pdf", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://securitytracker.com/id?1014429", "name": "1014429", "tags": ["Exploit", "Patch"], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/15970", "name": "15970", "tags": ["Patch", "Vendor Advisory"], "refsource": "SECUNIA"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple unknown vulnerabilities in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allow attackers to bypass authentication."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-2200", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2005-07-11T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:xerox:workcentre_2128:0.001.04.044:*:pro_color:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:xerox:workcentre_2128:0.001.04.504:*:pro_color:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:xerox:workcentre_2636:0.001.04.504:*:pro_color:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:xerox:workcentre_3545:0.001.04.504:*:pro_color:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:xerox:workcentre_2636:0.001.04.044:*:pro_color:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:xerox:workcentre_3545:0.001.04.044:*:pro_color:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2008-09-05T20:51Z"}