Overview
- Description
- Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 do not properly restrict access to SMB file resources, which allows remote attackers to gain unspecified file or directory access via vectors related to (1) visibility of the SMB "Homes" share and (2) SMB file system browsing.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5.8
- Impact score
- 6.4
- Exploitability score
- 6.5
- Vector string
- AV:A/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:xerox:workcentre:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8FC791FD-B20C-4428-82A0-0E8174B8AB03",
"versionEndIncluding": "13.050.02.000"
},
{
"criteria": "cpe:2.3:h:xerox:workcentre:*:*:pro:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "628B8A80-E06B-4C8A-BC89-AAF760F28B89",
"versionEndIncluding": "13.050.02.000"
},
{
"criteria": "cpe:2.3:h:xerox:workcentre:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9562CF49-A540-4EA5-9120-B7DC007ED78C",
"versionEndIncluding": "14.050.02.000"
},
{
"criteria": "cpe:2.3:h:xerox:workcentre:*:*:pro:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F7027CD-45A4-4759-AAA4-6B069DD2ED38",
"versionEndIncluding": "14.050.02.000"
}
],
"operator": "OR"
}
]
}
]