CVE-2020-36201 Information

Description

An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655 3655i 58XX 58XXi 59XX 59XXi 6655 6655i 72XX 72XXi 78XX 78XXi 7970 7970i EC7836 and EC7856 devices.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

https://securitydocs.business.xerox.com/wp-content/uploads/2020/06/cert_Security_Mini_Bulletin_XRX20L_for_ConnectKey-1.pdf

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

7.5