Vulnerability Description
Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xerox | Colorqube 9201 Firmware | 2013 |
| Xerox | Colorqube 9201 | - |
| Xerox | Colorqube 9202 Firmware | 2013 |
| Xerox | Colorqube 9202 | - |
| Xerox | Colorqube 9203 Firmware | 2013 |
| Xerox | Colorqube 9203 | - |
| Xerox | Workcentre 6400 Firmware | 2013 |
| Xerox | Workcentre 6400 | - |
| Xerox | Workcentre 7525 Firmware | 2013 |
| Xerox | Workcentre 7525 | - |
| Xerox | Workcentre 7530 Firmware | 2013 |
| Xerox | Workcentre 7530 | - |
| Xerox | Workcentre 7535 Firmware | 2013 |
| Xerox | Workcentre 7535 | - |
| Xerox | Workcentre 7545 Firmware | 2013 |
| Xerox | Workcentre 7545 | - |
| Xerox | Workcentre 7556 Firmware | 2013 |
| Xerox | Workcentre 7556 | - |
| Xerox | Workcentre 7755 Firmware | 2013 |
| Xerox | Workcentre 7755 | - |
Related Weaknesses (CWE)
References
- http://firmware.re/usenixsec14/ExploitThird Party Advisory
- http://firmware.re/vulns/acsa-2013-005.phpExploitVendor Advisory
- http://firmware.re/usenixsec14/ExploitThird Party Advisory
- http://firmware.re/vulns/acsa-2013-005.phpExploitVendor Advisory
FAQ
What is CVE-2013-6362?
CVE-2013-6362 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts.
How severe is CVE-2013-6362?
CVE-2013-6362 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2013-6362?
Check the references section above for vendor advisories and patch information. Affected products include: Xerox Colorqube 9201 Firmware, Xerox Colorqube 9201, Xerox Colorqube 9202 Firmware, Xerox Colorqube 9202, Xerox Colorqube 9203 Firmware.