CVE-2024-55927

High CVSS: 7.6

A vulnerability in Xerox Workplace Suite arises from flawed token generation and the use of hard-coded keys. These weaknesses allow attackers to predict or forge tokens, leading to unauthorized access to sensitive functions.

Vendor

Xerox

Product

Workplace Suite

CWE

CWE-798

Yayın Tarihi

2025-01-23 18:15:31

Güncelleme

2026-02-28 01:21:42

Source Identifier

10b61619-3869-496c-8a1e-f291b0e71e3f

KEV Date Added

Kategoriler

CWE-798 Workplace Suite HIGH Xerox 2025

Referanslar

https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf

Benzer Kayıtlar

High

CVE-2026-2252

An XML External Entity (XXE) vulnerability allows malicious user to perform Server-Side Request Forgery (SSRF) via craft…

Critical

CVE-2026-2251

Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows…

Medium

CVE-2026-1769

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xerox Centr…

Critical

CVE-2025-8356

In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to access unauthorized file…

High

CVE-2025-8355

In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker…

Medium

CVE-2024-55931

Xerox Workplace Suite stores tokens in session storage, which may expose them to potential access if a user's session is…