Xerox Security Bulletin XRX10-002 (PDF 113K)

Original Release January 22, 2010
Vulnerabilities exist in the Network Controller and Web Server of the WorkCentre 5632/5638/5645/5655/5665/5675/5687, WorkCentre 5030/5050, WorkCentre 5135/5150, WorkCentre 6400, WorkCentre 7655/7665/7675, WorkCentre 7755/7765/7775, WorkCentre/WorkCentre Pro 232/238/245/255/265/275 and ColorQube 9201/9202/9203 products. If exploited these vulnerabilities could permit an attacker to either bypass Scan to Mailbox authorization to access mailboxes stored on the device or bypass web server authorization to view device configuration settings. Customer and user passwords are not exposed.