← voltar
CVE-2024-12510

LDAP Authentication Sever Pass-back attack

CVSS 6.7 MEDIUMEPSS 0.9%CWE-287
If LDAP settings are accessed, authentication could be redirected to another server, potentially exposing credentials. This requires admin access and an active LDAP setup.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
Produtos afetados
Xerox · Phaser 6510Xerox · Versalink B400Xerox · Versalink B405Xerox · Versalink B600/B610Xerox · Versalink B605/B615Xerox · Versalink B7025/B7030/B7035Xerox · Versalink B7125/B7130/B7135Xerox · Versalink C400Xerox · Versalink C405Xerox · Versalink C500/C600Xerox · Versalink C505/C605Xerox · Versalink C7000Xerox · Versalink C7020/C7025/C7030Xerox · Versalink C7120/C7125/C7130Xerox · Versalink C8000/C9000Xerox · Versalink C8000WXerox · WorkCentre 6515

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://securitydocs.business.xerox.com/wp-content/uploads/2025/02/Xerox-Security-Bulletin-XRX25-003-for-Xerox%C2%AE-for-VersaLinkPhaser-and-WorkCentre.pdf