Details of VAR-201402-0583

ID

VAR-201402-0583

TITLE

Xerox ColorQube has multiple unspecified vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2014-00827

DESCRIPTION

The Xerox ColorQube is a multifunction machine with print/scan/copy/fax. Xerox ColorQube has multiple security vulnerabilities and no detailed vulnerability details are available. Limited information is currently available regarding these issues. We will update this BID as more information emerges. Xerox ColorQube 8700 and 8900 are vulnerable

Trust: 0.81

sources: CNVD: CNVD-2014-00827 // BID: 65468

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-00827

AFFECTED PRODUCTS

vendor:	xerox	model:	colorqube	scope:	eq	version:	8700	Trust: 0.6
vendor:	xerox	model:	colorqube	scope:	eq	version:	8900	Trust: 0.6
vendor:	xerox	model:	colorqube	scope:	eq	version:	890071.161.20323400	Trust: 0.3
vendor:	xerox	model:	colorqube	scope:	eq	version:	890071.161.20309300	Trust: 0.3
vendor:	xerox	model:	colorqube	scope:	eq	version:	890071.160.22310700	Trust: 0.3
vendor:	xerox	model:	colorqube	scope:	eq	version:	890071.160.10135100	Trust: 0.3
vendor:	xerox	model:	colorqube	scope:	eq	version:	870071.161.20323400	Trust: 0.3
vendor:	xerox	model:	colorqube	scope:	eq	version:	870071.161.20309300	Trust: 0.3
vendor:	xerox	model:	colorqube	scope:	eq	version:	870071.160.22310700	Trust: 0.3
vendor:	xerox	model:	colorqube	scope:	eq	version:	870071.160.10135100	Trust: 0.3
vendor:	xerox	model:	colorqube	scope:	ne	version:	890071.161.20315600	Trust: 0.3
vendor:	xerox	model:	colorqube	scope:	ne	version:	870071.161.20315600	Trust: 0.3

sources: CNVD: CNVD-2014-00827 // BID: 65468

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2014-00827
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2014-00827
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2014-00827

THREAT TYPE

network

Trust: 0.3

sources: BID: 65468

TYPE

Unknown

Trust: 0.3

sources: BID: 65468

PATCH

title:

Xerox ColorQube has multiple patches for unknown vulnerabilities

url:

https://www.cnvd.org.cn/patchinfo/show/43502

Trust: 0.6

sources: CNVD: CNVD-2014-00827

EXTERNAL IDS

db:	BID	id:	65468	Trust: 0.9
db:	CNVD	id:	CNVD-2014-00827	Trust: 0.6

sources: CNVD: CNVD-2014-00827 // BID: 65468

REFERENCES

url:	http://www.securityfocus.com/bid/65468/	Trust: 0.6
url:	http://www.office.xerox.com/multifunction-printer/color-multifunction/colorqube-8900/enus.html	Trust: 0.3
url:	http://www.xerox.com/download/security/security-bulletin/f89c-4f1d6f982b8a7/cert_xrx14-001_v1.0.pdf	Trust: 0.3

sources: CNVD: CNVD-2014-00827 // BID: 65468

CREDITS

The vendor reported these issues.

Trust: 0.3

sources: BID: 65468

SOURCES

db:	CNVD	id:	CNVD-2014-00827
db:	BID	id:	65468

LAST UPDATE DATE

2022-05-17T01:46:34.301000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-00827	date:	2014-02-13T00:00:00
db:	BID	id:	65468	date:	2014-02-10T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2014-00827	date:	2014-02-14T00:00:00
db:	BID	id:	65468	date:	2014-02-10T00:00:00