Lucene search

[email protected]CVE-2006-0827

HistoryFeb 21, 2006 - 11:02 p.m.

CVE-2006-0827

2006-02-2123:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

xerox

workcentre

vulnerability

xss

security

ess

network controller

microserver

nvd

6.2 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.011 Low

EPSS

Percentile

84.0%

JSON

Cross-site scripting vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

CPENameOperatorVersion
xerox:workcentre_255xerox workcentre 255eq*
xerox:workcentre_245xerox workcentre 245eq*
xerox:workcentre_238xerox workcentre 238eq*
xerox:workcentre_232xerox workcentre 232eq*
xerox:workcentre_265xerox workcentre 265eq*
xerox:workcentre_275xerox workcentre 275eq*

CPE	Name	Operator	Version
xerox:workcentre_255	xerox workcentre 255	eq	*
xerox:workcentre_245	xerox workcentre 245	eq	*
xerox:workcentre_238	xerox workcentre 238	eq	*
xerox:workcentre_232	xerox workcentre 232	eq	*
xerox:workcentre_265	xerox workcentre 265	eq	*
xerox:workcentre_275	xerox workcentre 275	eq	*

References

secunia.com/advisories/18952

www.securityfocus.com/bid/16727

www.vupen.com/english/advisories/2006/0668

www.xerox.com/downloads/usa/en/c/cert_XRX06_001.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/24806

6.2 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.011 Low

EPSS

Percentile

84.0%

JSON

Related for CVE-2006-0827

prion1 nessus1