Lucene search

[email protected]CVE-2006-4680

HistorySep 11, 2006 - 5:04 p.m.

CVE-2006-4680

2006-09-1117:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

canon

imagerunner

remote ui

vulnerability

cve-2006-4680

nvd

7.1 High

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

76.0%

JSON

The Remote UI in Canon imageRUNNER includes usernames and passwords when exporting an address book, which allows context-dependent attackers to obtain sensitive information.

CPENameOperatorVersion
canon:imagerunner_c6800canon imagerunner c6800eq*
canon:imagerunner_8500canon imagerunner 8500eq*
canon:imagerunner_9070canon imagerunner 9070eq*
canon:imagerunner_6870canon imagerunner 6870eq*
canon:imagerunner_5020canon imagerunner 5020eq*
canon:imagerunner_2620canon imagerunner 2620eq*
canon:imagerunner_c3220canon imagerunner c3220eq*

CPE	Name	Operator	Version
canon:imagerunner_c6800	canon imagerunner c6800	eq	*
canon:imagerunner_8500	canon imagerunner 8500	eq	*
canon:imagerunner_9070	canon imagerunner 9070	eq	*
canon:imagerunner_6870	canon imagerunner 6870	eq	*
canon:imagerunner_5020	canon imagerunner 5020	eq	*
canon:imagerunner_2620	canon imagerunner 2620	eq	*
canon:imagerunner_c3220	canon imagerunner c3220	eq	*

References

secunia.com/advisories/21788

securityreason.com/securityalert/1538

www.securityfocus.com/archive/1/445302/100/0/threaded

www.securityfocus.com/archive/1/445532/100/0/threaded

www.securityfocus.com/bid/19865

www.vupen.com/english/advisories/2006/3501

exchange.xforce.ibmcloud.com/vulnerabilities/28795

7.1 High

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

76.0%

JSON