{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. A malicious actor who gains access to affected devices (e.g., by using default credentials) can change the LDAP connection IP address to a system owned by the actor without knowledge of the LDAP bind credentials. After changing the LDAP connection IP address, subsequent authentication attempts will result in the printer sending plaintext LDAP (Active Directory) credentials to the actor. Although the credentials may belong to a non-privileged user, organizations frequently use privileged service accounts to bind to Active Directory. The attacker gains a foothold on the Active Directory domain at a minimum, and may use the credentials to take over control of the Active Directory domain. This affects 3655*, 3655i*, 58XX*, 58XXi*, 59XX*, 59XXi*, 6655**, 6655i**, 72XX*, 72XXi*, 78XX**, 78XXi**, 7970**, 7970i**, EC7836**, and EC7856** devices."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-02-21T22:47:12", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2020/02/cert_Security_Mini_Bulletin_XRX20D_for_ConnectKey.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://www.securicon.com/hackers-can-gain-active-directory-privileges-through-new-vulnerability-in-xerox-printers/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-9330", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. A malicious actor who gains access to affected devices (e.g., by using default credentials) can change the LDAP connection IP address to a system owned by the actor without knowledge of the LDAP bind credentials. After changing the LDAP connection IP address, subsequent authentication attempts will result in the printer sending plaintext LDAP (Active Directory) credentials to the actor. Although the credentials may belong to a non-privileged user, organizations frequently use privileged service accounts to bind to Active Directory. The attacker gains a foothold on the Active Directory domain at a minimum, and may use the credentials to take over control of the Active Directory domain. This affects 3655*, 3655i*, 58XX*, 58XXi*, 59XX*, 59XXi*, 6655**, 6655i**, 72XX*, 72XXi*, 78XX**, 78XXi**, 7970**, 7970i**, EC7836**, and EC7856** devices."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://securitydocs.business.xerox.com/wp-content/uploads/2020/02/cert_Security_Mini_Bulletin_XRX20D_for_ConnectKey.pdf", "refsource": "MISC", "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2020/02/cert_Security_Mini_Bulletin_XRX20D_for_ConnectKey.pdf"}, {"name": "https://www.securicon.com/hackers-can-gain-active-directory-privileges-through-new-vulnerability-in-xerox-printers/", "refsource": "MISC", "url": "https://www.securicon.com/hackers-can-gain-active-directory-privileges-through-new-vulnerability-in-xerox-printers/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:26:16.065Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2020/02/cert_Security_Mini_Bulletin_XRX20D_for_ConnectKey.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.securicon.com/hackers-can-gain-active-directory-privileges-through-new-vulnerability-in-xerox-printers/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-9330", "datePublished": "2020-02-21T22:47:12", "dateReserved": "2020-02-21T00:00:00", "dateUpdated": "2024-08-04T10:26:16.065Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_3655_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0825FF49-7B9C-41D5-A9B5-DA4DFDC41137", "versionEndExcluding": "073.060.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_3655:-:*:*:*:*:*:*:*", "matchCriteriaId": "C9548A64-CBFA-4562-ACCF-DC9BA10B4FC8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_3655i_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "76562E1A-C285-411B-9652-E4B35CB314D9", "versionEndExcluding": "073.060.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_3655i:-:*:*:*:*:*:*:*", "matchCriteriaId": "49DC396F-28EC-4B73-A471-CD3539A746A7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_5845_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "69531816-7366-4C99-A7E1-C0F442F1B8E7", "versionEndExcluding": "073.190.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_5845:-:*:*:*:*:*:*:*", "matchCriteriaId": "1DC3F825-CDCA-4DE9-89B6-5B403BDDB09C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_5855_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "37BC436B-8411-4C98-8BA4-F57A298B4366", "versionEndExcluding": "073.190.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_5855:-:*:*:*:*:*:*:*", "matchCriteriaId": "6ABBEAB2-2379-476D-A9D8-464BFA03D1A2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_5945_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBCF1B63-4255-4868-B1E5-92DDE49FFDD6", "versionEndExcluding": "073.091.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_5945:-:*:*:*:*:*:*:*", "matchCriteriaId": "687EDD3B-00F0-48FB-89DB-5CEFF19A402B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_5955_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E8E8ACF-1B98-40E4-9135-4B18A934CC64", "versionEndExcluding": "073.091.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_5955:-:*:*:*:*:*:*:*", "matchCriteriaId": "EED80F8D-316D-479A-A436-0EAFC9120145", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_6655_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "824FA098-BE3F-4371-B884-84DB518CBECA", "versionEndExcluding": "073.110.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_6655:-:*:*:*:*:*:*:*", "matchCriteriaId": "24ED495D-E99F-40D1-B651-F39C77E307B2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_6655i_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "777E48ED-FB26-44F1-8E01-AE1B70D8F334", "versionEndExcluding": "073.110.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_6655i:-:*:*:*:*:*:*:*", "matchCriteriaId": "75BE968D-572B-4E34-9AB5-D2B7779A3582", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_7220_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F0760E8-DBD6-4F41-9AF4-FDBC1B9424E9", "versionEndExcluding": "073.030.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_7220:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1D36448-38F7-4C4B-A66F-8B96F360144C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_7225_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "812819A0-774C-44EE-8E9D-91B94CEE13D3", "versionEndExcluding": "073.030.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_7225:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD9B953F-7360-4605-A016-E35DB388E73B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_7830_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "691B5A4B-E984-4ADE-A97E-D7B3A75D54D4", "versionEndExcluding": "073.010.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_7830:-:*:*:*:*:*:*:*", "matchCriteriaId": "7372F31A-6EE3-4DB2-89BF-48E2DD45477C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_7835_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E08A95AD-51F3-4911-8FC4-F7A028187F52", "versionEndExcluding": "073.010.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_7835:-:*:*:*:*:*:*:*", "matchCriteriaId": "327F1EC4-5FA3-4AFC-B1A0-5E0472BB7893", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_7845_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "11ECA84A-FD5E-41E8-A0B4-EC962A058A9B", "versionEndExcluding": "073.010.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_7845:-:*:*:*:*:*:*:*", "matchCriteriaId": "549583A3-16EF-4FF7-B9F2-50838ADBE3EF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_7855_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "31E8FEFF-A0C2-4970-9679-CE1E9ADE02F0", "versionEndExcluding": "073.010.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_7855:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC95E9A5-0E1A-43AF-87D4-E9C06C780413", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_7970_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAEA36E7-FD9C-446D-8489-38EA59960297", "versionEndExcluding": "073.200.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_7970:-:*:*:*:*:*:*:*", "matchCriteriaId": "BF90B89B-6067-4CCD-BF54-8F0FB6106339", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_7970i_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B170344C-1361-46F4-8242-CFA7CA54C0F7", "versionEndExcluding": "073.200.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_7970i:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD60A2AE-C2C6-498E-BC3F-6CA55BE1CE96", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_ec7836_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "400B4A09-259C-47C0-8F46-AE25C0C8B160", "versionEndExcluding": "073.050.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_ec7836:-:*:*:*:*:*:*:*", "matchCriteriaId": "857118A6-D5A2-4949-83CF-03E7C5ECFBB6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xerox:workcentre_ec7856_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F88724E5-90E6-4F8E-B1DD-0D96BA7312D4", "versionEndExcluding": "073.020.000.02300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_ec7856:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE3B6C35-4A03-42C0-9D2A-45E9905283CD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. A malicious actor who gains access to affected devices (e.g., by using default credentials) can change the LDAP connection IP address to a system owned by the actor without knowledge of the LDAP bind credentials. After changing the LDAP connection IP address, subsequent authentication attempts will result in the printer sending plaintext LDAP (Active Directory) credentials to the actor. Although the credentials may belong to a non-privileged user, organizations frequently use privileged service accounts to bind to Active Directory. The attacker gains a foothold on the Active Directory domain at a minimum, and may use the credentials to take over control of the Active Directory domain. This affects 3655*, 3655i*, 58XX*, 58XXi*, 59XX*, 59XXi*, 6655**, 6655i**, 72XX*, 72XXi*, 78XX**, 78XXi**, 7970**, 7970i**, EC7836**, and EC7856** devices."}, {"lang": "es", "value": "Algunas impresoras Xerox WorkCentre versiones anteriores a 073.xxx.000.02300, no requieren que el usuario vuelva a introducir o compruebe las credenciales de enlace LDAP cuando se cambia la direcci\u00f3n IP del conector LDAP. Un actor malicioso que consigue acceso a los dispositivos afectados (por ejemplo, mediante el uso de credenciales predeterminadas) puede cambiar la direcci\u00f3n IP de la conexi\u00f3n LDAP a un sistema propiedad del actor sin tener conocimiento de las credenciales de enlace LDAP. Despu\u00e9s de cambiar la direcci\u00f3n IP de la conexi\u00f3n LDAP, los intentos de autenticaci\u00f3n subsiguientes resultar\u00edan en que la impresora env\u00ede credenciales LDAP (Active Directory) de texto plano al actor. Aunque las credenciales pueden pertenecer a un usuario no privilegiado, las organizaciones usan con frecuencia cuentas de servicio privilegiadas para vincularse al Active Directory. El atacante se afianza en el dominio de Active Directory como m\u00ednimo y puede usar las credenciales para tomar del control del dominio de Active Directory. Esto afecta a los dispositivos 3655*, 3655i*, 58XX*, 58XXi*, 59XX*, 59XXi*, 6655**, 6655i**, 72XX*, 72XXi*, 78XX**, 78XXi**, 7970**, 7970i**, EC7836** y EC7856**."}], "id": "CVE-2020-9330", "lastModified": "2024-11-21T05:40:25.413", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-02-21T23:15:11.497", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2020/02/cert_Security_Mini_Bulletin_XRX20D_for_ConnectKey.pdf"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.securicon.com/hackers-can-gain-active-directory-privileges-through-new-vulnerability-in-xerox-printers/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2020/02/cert_Security_Mini_Bulletin_XRX20D_for_ConnectKey.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.securicon.com/hackers-can-gain-active-directory-privileges-through-new-vulnerability-in-xerox-printers/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}