Xerox WorkCentre Printer prior 073.xxx.000.02300 LDAP insufficiently protected credentials

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, has been found in Xerox WorkCentre Printer (Printing Software). Affected by this issue is an unknown code block of the component LDAP Handler. Upgrading to version 073.xxx.000.02300 eliminates this vulnerability.

Field02/22/2020 10:43 AM02/22/2020 10:48 AM
vendorXeroxXerox
nameWorkCentre PrinterWorkCentre Printer
componentLDAP HandlerLDAP Handler
risk22
historic00
cvss2_vuldb_basescore6.86.8
cvss2_vuldb_tempscore5.95.9
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss3_meta_basescore8.08.0
cvss3_meta_tempscore7.77.7
cvss3_vuldb_basescore7.37.3
cvss3_vuldb_tempscore7.07.0
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
date1582243200 (02/21/2020)1582243200 (02/21/2020)
price_0day$0-$5k$0-$5k
nameUpgradeUpgrade
upgrade_version073.xxx.000.02300073.xxx.000.02300
cveCVE-2020-9330CVE-2020-9330
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcXX
cvss3_nvd_basescore8.88.8
typePrinting Software
cwe0522 (information disclosure)
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auS
cvss2_nvd_ciP
cvss2_nvd_iiN
cvss2_nvd_aiN
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prL
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cve_assigned1582243200
cve_nvd_summaryCertain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. A malicious actor who gains access to affected devices (e.g., by using default credentials) can change the LDAP connection IP address to a system owned by the actor without knowledge of the LDAP bind credentials. After changing the LDAP connection IP address, subsequent authentication attempts will result in the printer sending plaintext LDAP (Active Directory) credentials to the actor. Although the credentials may belong to a non-privileged user, organizations frequently use privileged service accounts to bind to Active Directory. The attacker gains a foothold on the Active Directory domain at a minimum, and may use the credentials to take over control of the Active Directory domain. This affects 3655*, 3655i*, 58XX*, 58XXi*, 59XX*, 59XXi*, 6655**, 6655i**, 72XX*, 72XXi*, 78XX**, 78XXi**, 7970**, 7970i**, EC7836**, and EC7856** devices.

Do you need the next level of professionalism?

Upgrade your account now!