| Vulnerability Name: | CVE-2006-6472 (CCN-40185) | ||||||||
| Assigned: | 2006-11-30 | ||||||||
| Published: | 2006-11-30 | ||||||||
| Updated: | 2008-09-05 | ||||||||
| Summary: | The httpd.conf file in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 configures port 443 to be always active, which has unknown impact and remote attack vectors. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C) 7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Other | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-6469 Source: MITRE Type: CNA CVE-2006-6472 Source: CCN Type: SA23265 XEROX WorkCentre Products Multiple Vulnerabilities Source: SECUNIA Type: Patch, Vendor Advisory 23265 Source: CCN Type: OSVDB ID: 31816 XEROX WorkCentre Products Port 443 Persistence Unspecified Issue Source: CCN Type: OSVDB ID: 31819 XEROX WorkCentre Products PostgreSQL Port Access Unspecified Issue Source: CCN Type: XEROX SECURITY BULLETIN XRX06-004 Cumulative update to address multiple security vulnerabilities Source: CONFIRM Type: Vendor Advisory http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf Source: XF Type: UNKNOWN workcentre-multiple-port-unspecified(40185) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||