CVE-2010-0548

Summary

CVE	CVE-2010-0548
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2010-02-04 20:15:00 UTC
Updated	2010-02-05 05:00:00 UTC
Description	Multiple unspecified vulnerabilities in the Network Controller and Web Server in Xerox WorkCentre 5632, 5638, 5645, 5655, 5665, 5675, and 5687 allow remote attackers to (1) access mailboxes via unknown vectors that bypass Scan to Mailbox authorization or (2) read device configuration information via via unknown vectors that bypass web server authorization.

Risk And Classification

Problem Types: CWE-200

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Xerox	Workcentre 5632	All	All	All	All
Hardware	Xerox	Workcentre 5632	All	All	All	All
Hardware	Xerox	Workcentre 5638	All	All	All	All
Hardware	Xerox	Workcentre 5638	All	All	All	All
Hardware	Xerox	Workcentre 5645	All	All	All	All
Hardware	Xerox	Workcentre 5645	All	All	All	All
Hardware	Xerox	Workcentre 5655	All	All	All	All
Hardware	Xerox	Workcentre 5655	All	All	All	All
Hardware	Xerox	Workcentre 5665	All	All	All	All
Hardware	Xerox	Workcentre 5665	All	All	All	All
Hardware	Xerox	Workcentre 5675	All	All	All	All
Hardware	Xerox	Workcentre 5675	All	All	All	All
Hardware	Xerox	Workcentre 5687	All	All	All	All
Hardware	Xerox	Workcentre 5687	All	All	All	All

References

Reference	Source	Link	Tags
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	VUPEN	www.vupen.com	Vendor Advisory
www.xerox.com/downloads/usa/en/c/cert_XRX10-002_v1.0.pdf	CONFIRM	www.xerox.com	Patch, Vendor Advisory
Xerox WorkCentre Authentication Bypass Vulnerabilities - Advisories - Community	SECUNIA	secunia.com	Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.