| Vulnerability Name: | CVE-2006-6433 (CCN-30706) | ||||||||
| Assigned: | 2006-11-30 | ||||||||
| Published: | 2006-11-30 | ||||||||
| Updated: | 2011-03-08 | ||||||||
| Summary: | Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 does not record accurate timestamps, which makes it easier for remote attackers to avoid detection when an audit tries to rely on these timestamps. | ||||||||
| CVSS v3 Severity: | 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
1.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Other | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-6433 Source: CCN Type: SA23265 XEROX WorkCentre Products Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory 23265 Source: CCN Type: OSVDB ID: 31811 XEROX WorkCentre Products Audit Log Timestamp Failure Source: CCN Type: BID-21365 Xerox WorkCentre and WorkCentre Pro Multiple Vulnerabilities Source: VUPEN Type: UNKNOWN ADV-2006-4791 Source: CCN Type: XEROX SECURITY BULLETIN XRX06-006 Cumulative update to address multiple security vulnerabilities Source: CONFIRM Type: Patch http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf Source: XF Type: UNKNOWN xerox-timestamp-unspecified(30706) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||