Path Traversal Vulnerability in Xerox FreeFlow Core
CVE-2024-47557

9.8CRITICAL

Key Information:

Vendor: Xerox
Status: Freeflow Core
Vendor: CVE Published:; 7 October 2024

Summary

A path traversal vulnerability exists in Xerox FreeFlow Core, which may allow an attacker to execute remote code on the affected system without prior authentication. By exploiting this flaw, unauthorized users can traverse directories to access sensitive files and potentially gain control over the system. It is crucial for organizations utilizing this product to apply any available patches and implement security measures to mitigate the risk associated with this vulnerability.

References

https://securitydocs.business.xerox.com/wp-content/upload...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 7, 2024