Details of VAR-201012-0375

ID

VAR-201012-0375

TITLE

Xerox WorkCentre Scan to Email Information Disclosure Vulnerability

Trust: 0.9

sources: CNVD: CNVD-2010-3159 // BID: 45332

DESCRIPTION

The Xerox WorkCentre is an all-in-one. The scan-to-email feature is flawed. Two different scan-to-Email documents can be mixed into one document. This problem often occurs during high-resolution scanning of complex documents. Can cause sensitive information to leak. Xerox WorkCentre is prone to an information-disclosure vulnerability. Attackers may be able to exploit this issue to gain access to potentially sensitive information that may aid in further attacks. The following models of Xerox WorkCentre are vulnerable: 5735 5740 5745 5755 5765 5775 5790

Trust: 0.81

sources: CNVD: CNVD-2010-3159 // BID: 45332

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2010-3159

AFFECTED PRODUCTS

vendor:	xerox	model:	workcentre	scope:	eq	version:	5735	Trust: 0.9
vendor:	xerox	model:	workcentre	scope:	eq	version:	5740	Trust: 0.9
vendor:	xerox	model:	workcentre	scope:	eq	version:	5745	Trust: 0.9
vendor:	xerox	model:	workcentre	scope:	eq	version:	5755	Trust: 0.9
vendor:	xerox	model:	workcentre	scope:	eq	version:	5775	Trust: 0.9
vendor:	xerox	model:	workcentre	scope:	eq	version:	5790	Trust: 0.9
vendor:	xerox	model:	workcentre	scope:	eq	version:	5765	Trust: 0.3

sources: CNVD: CNVD-2010-3159 // BID: 45332

THREAT TYPE

network

Trust: 0.3

sources: BID: 45332

TYPE

Design Error

Trust: 0.3

sources: BID: 45332

PATCH

title:

Xerox WorkCentre scans patches to email information disclosure vulnerabilities

url:

https://www.cnvd.org.cn/patchinfo/show/2047

Trust: 0.6

sources: CNVD: CNVD-2010-3159

EXTERNAL IDS

db:	BID	id:	45332	Trust: 0.9
db:	CNVD	id:	CNVD-2010-3159	Trust: 0.6

sources: CNVD: CNVD-2010-3159 // BID: 45332

REFERENCES

url:	http://www.xerox.com/downloads/usa/en/c/cert_xrx10-005_v1.0.pdf	Trust: 0.9
url:	http://www.xerox.com	Trust: 0.3

sources: CNVD: CNVD-2010-3159 // BID: 45332

CREDITS

Xerox

Trust: 0.3

sources: BID: 45332

SOURCES

db:	CNVD	id:	CNVD-2010-3159
db:	BID	id:	45332

LAST UPDATE DATE

2022-05-17T02:01:23.329000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2010-3159	date:	2013-09-06T00:00:00
db:	BID	id:	45332	date:	2010-12-10T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2010-3159	date:	2010-12-13T00:00:00
db:	BID	id:	45332	date:	2010-12-10T00:00:00