CVE-2006-6430 Information

Description

Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000 13.x before 13.060.17.000 and 14.x before 14.060.17.000 do not require HTTPS which allows remote attackers to obtain sensitive information by sniffing the unencrypted HTTP traffic.

Reference

http://secunia.com/advisories/23265 http://www.securityfocus.com/bid/21365 http://www.vupen.com/english/advisories/2006/4791 http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/30679