CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
76.4%
Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts.
Vendor | Product | Version | CPE |
---|---|---|---|
xerox | colorqube_9201_firmware | 2013 | cpe:2.3:o:xerox:colorqube_9201_firmware:2013:*:*:*:*:*:*:* |
xerox | colorqube_9201 | - | cpe:2.3:h:xerox:colorqube_9201:-:*:*:*:*:*:*:* |
xerox | colorqube_9202_firmware | 2013 | cpe:2.3:o:xerox:colorqube_9202_firmware:2013:*:*:*:*:*:*:* |
xerox | colorqube_9202 | - | cpe:2.3:h:xerox:colorqube_9202:-:*:*:*:*:*:*:* |
xerox | colorqube_9203_firmware | 2013 | cpe:2.3:o:xerox:colorqube_9203_firmware:2013:*:*:*:*:*:*:* |
xerox | colorqube_9203 | - | cpe:2.3:h:xerox:colorqube_9203:-:*:*:*:*:*:*:* |
xerox | workcentre_6400_firmware | 2013 | cpe:2.3:o:xerox:workcentre_6400_firmware:2013:*:*:*:*:*:*:* |
xerox | workcentre_6400 | - | cpe:2.3:h:xerox:workcentre_6400:-:*:*:*:*:*:*:* |
xerox | workcentre_7525_firmware | 2013 | cpe:2.3:o:xerox:workcentre_7525_firmware:2013:*:*:*:*:*:*:* |
xerox | workcentre_7525 | - | cpe:2.3:h:xerox:workcentre_7525:-:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
76.4%