Token Generation Flaw in Xerox Workplace Suite
CVE-2024-55927

6.4MEDIUM

Key Information:

Vendor: Xerox
Status: Xerox Workplace Suite
Vendor: CVE Published:; 23 January 2025

Summary

The Xerox Workplace Suite is affected by a security vulnerability due to a flawed implementation of token generation, compounded by the presence of hard-coded keys. This serious design flaw can potentially allow unauthorized access and manipulation of sensitive data within the system. Organizations utilizing this product should prioritize updating their systems to mitigate the risks associated with this vulnerability.

Affected Version(s)

Xerox Workplace Suite Windows 0 < 5.6.701.9

References

https://securitydocs.business.xerox.com/wp-content/upload...

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 23, 2025
Vulnerability Reserved
Dec 13, 2024