| Vulnerability Name: | CVE-2006-6441 (CCN-40182) | ||||||||
| Assigned: | 2006-11-30 | ||||||||
| Published: | 2006-11-30 | ||||||||
| Updated: | 2008-09-10 | ||||||||
| Summary: | Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows local users to bypass security controls and boot Alchemy via certain alternate boot media, as demonstrated by a USB thumb drive. | ||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P) 3.4 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-6441 Source: CCN Type: SA23265 XEROX WorkCentre Products Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory 23265 Source: CCN Type: OSVDB ID: 31823 XEROX WorkCentre Products USB Alchemy Boot Bypass Source: CCN Type: XEROX SECURITY BULLETIN XRX06-004 Cumulative update to address multiple security vulnerabilities Source: CONFIRM Type: UNKNOWN http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf Source: XF Type: UNKNOWN workcentre-alchemy-security-bypass(40182) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||