Xerox WorkCentre Printer prior 073.xxx.000.02300 LDAP insufficiently protected credentials

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, has been found in Xerox WorkCentre Printer (Printing Software). Affected by this issue is an unknown code block of the component LDAP Handler. Upgrading to version 073.xxx.000.02300 eliminates this vulnerability.

Field	02/22/2020 10:43 AM	02/22/2020 10:48 AM
vendor	Xerox	Xerox
name	WorkCentre Printer	WorkCentre Printer
component	LDAP Handler	LDAP Handler
risk	2	2
historic	0	0
cvss2_vuldb_basescore	6.8	6.8
cvss2_vuldb_tempscore	5.9	5.9
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	M	M
cvss2_vuldb_au	N	N
cvss2_vuldb_ci	P	P
cvss2_vuldb_ii	P	P
cvss2_vuldb_ai	P	P
cvss3_meta_basescore	8.0	8.0
cvss3_meta_tempscore	7.7	7.7
cvss3_vuldb_basescore	7.3	7.3
cvss3_vuldb_tempscore	7.0	7.0
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	L	L
cvss3_vuldb_pr	N	N
cvss3_vuldb_ui	N	N
cvss3_vuldb_s	U	U
cvss3_vuldb_c	L	L
cvss3_vuldb_i	L	L
cvss3_vuldb_a	L	L
date	1582243200 (02/21/2020)	1582243200 (02/21/2020)
price_0day	$0-$5k	$0-$5k
name	Upgrade	Upgrade
upgrade_version	073.xxx.000.02300	073.xxx.000.02300
cve	CVE-2020-9330	CVE-2020-9330
cvss2_vuldb_e	ND	ND
cvss2_vuldb_rl	OF	OF
cvss2_vuldb_rc	ND	ND
cvss3_vuldb_e	X	X
cvss3_vuldb_rl	O	O
cvss3_vuldb_rc	X	X
cvss3_nvd_basescore	8.8	8.8
type		Printing Software
cwe	0	522 (information disclosure)
cvss2_nvd_av		N
cvss2_nvd_ac		L
cvss2_nvd_au		S
cvss2_nvd_ci		P
cvss2_nvd_ii		N
cvss2_nvd_ai		N
cvss3_nvd_av		N
cvss3_nvd_ac		L
cvss3_nvd_pr		L
cvss3_nvd_ui		N
cvss3_nvd_s		U
cvss3_nvd_c		H
cvss3_nvd_i		H
cvss3_nvd_a		H
cve_assigned		1582243200
cve_nvd_summary		Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. A malicious actor who gains access to affected devices (e.g., by using default credentials) can change the LDAP connection IP address to a system owned by the actor without knowledge of the LDAP bind credentials. After changing the LDAP connection IP address, subsequent authentication attempts will result in the printer sending plaintext LDAP (Active Directory) credentials to the actor. Although the credentials may belong to a non-privileged user, organizations frequently use privileged service accounts to bind to Active Directory. The attacker gains a foothold on the Active Directory domain at a minimum, and may use the credentials to take over control of the Active Directory domain. This affects 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices.

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!