Lucene search

MitreCVE-2005-2647

HistoryAug 23, 2005 - 4:00 a.m.

CVE-2005-2647

2005-08-2304:00:00

mitre

web.nvd.nist.gov

cve-2005-2647

xss

xerox microserver

document centre

web server

security vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

61.4%

JSON

Cross-site scripting (XSS) vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to inject arbitrary web script or HTML and modify web pages via unknown vectors.

Affected configurations

Nvd

Node

xeroxdocument_centre_265

xeroxdocument_centre_332

xeroxdocument_centre_340

xeroxdocument_centre_420

xeroxdocument_centre_490

xeroxdocument_centre_535

xeroxdocument_centre_555

VendorProductVersionCPE
xeroxdocument_centre_265*cpe:2.3:h:xerox:document_centre_265:*:*:*:*:*:*:*:*
xeroxdocument_centre_332*cpe:2.3:h:xerox:document_centre_332:*:*:*:*:*:*:*:*
xeroxdocument_centre_340*cpe:2.3:h:xerox:document_centre_340:*:*:*:*:*:*:*:*
xeroxdocument_centre_420*cpe:2.3:h:xerox:document_centre_420:*:*:*:*:*:*:*:*
xeroxdocument_centre_490*cpe:2.3:h:xerox:document_centre_490:*:*:*:*:*:*:*:*
xeroxdocument_centre_535*cpe:2.3:h:xerox:document_centre_535:*:*:*:*:*:*:*:*
xeroxdocument_centre_555*cpe:2.3:h:xerox:document_centre_555:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
xerox	document_centre_265	*	cpe:2.3:h:xerox:document_centre_265::::::::
xerox	document_centre_332	*	cpe:2.3:h:xerox:document_centre_332::::::::
xerox	document_centre_340	*	cpe:2.3:h:xerox:document_centre_340::::::::
xerox	document_centre_420	*	cpe:2.3:h:xerox:document_centre_420::::::::
xerox	document_centre_490	*	cpe:2.3:h:xerox:document_centre_490::::::::
xerox	document_centre_535	*	cpe:2.3:h:xerox:document_centre_535::::::::
xerox	document_centre_555	*	cpe:2.3:h:xerox:document_centre_555::::::::

References

secunia.com/advisories/16467

securitytracker.com/id?1014720

www.xerox.com/downloads/usa/en/c/cert_XRX05_008.pdf

www.xerox.com/downloads/usa/en/c/cert_XRX05_009.pdf

Social References

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

61.4%

JSON

Related for CVE-2005-2647