Published: 26/01/2021 Updated: 21/07/2021

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

An issue exists in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xerox workcentre 3655 firmware
xerox workcentre 3655i firmware
xerox workcentre 5865 firmware
xerox workcentre 5875 firmware
xerox workcentre 5890 firmware
xerox workcentre 5865i firmware
xerox workcentre 5875i firmware
xerox workcentre 5945 firmware
xerox workcentre 5955 firmware
xerox workcentre 5945i firmware
xerox workcentre 5955i firmware
xerox workcentre 6655 firmware
xerox workcentre 6655i firmware
xerox workcentre 7220 firmware
xerox workcentre 7225 firmware
xerox workcentre 7220i firmware
xerox workcentre 7225i firmware
xerox workcentre 7830i firmware
xerox workcentre 7835i firmware
xerox workcentre 7845i firmware
xerox workcentre 7855i firmware
xerox workcentre 7830 firmware
xerox workcentre 7835 firmware
xerox workcentre 7845 firmware
xerox workcentre 7855 firmware
xerox workcentre 7970 firmware
xerox workcentre 7970i firmware
xerox workcentre ec7836 firmware
xerox workcentre ec7856 firmware
xerox workcentre 5890i firmware

CWE-327 https://securitydocs.business.xerox.com/wp-content/uploads/2020/06/cert_Security_Mini_Bulletin_XRX20L_for_ConnectKey-1.pdf https://nvd.nist.gov

CVE-2020-36201

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect