CVE-2006-6430

2006-12-1011:00:00

mitre

www.cve.org

6.2 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

84.0%

JSON

Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 do not require HTTPS, which allows remote attackers to obtain sensitive information by sniffing the unencrypted HTTP traffic.

References

secunia.com/advisories/23265

www.securityfocus.com/bid/21365

www.vupen.com/english/advisories/2006/4791

www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/30679