CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-55928: Clear text secrets returned & Remote system secrets in clear text

6.8 CVSS

Description

Xerox Workplace Suite exposes sensitive secrets in clear text, both locally and remotely. This vulnerability allows attackers to intercept or access secrets without encryption

Classification

CVE ID: CVE-2024-55928

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.8

Affected Products

Vendor: Xerox

Product: Xerox Workplace Suite

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.72% (scored less or equal to compared to others)

EPSS Date: 2025-02-25 (when was this score calculated)

References

https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-Workplace-Suite%C2%AE.pdf

Timeline

2025-01-28 00:30:35 UTC
CVE

Clear text secrets returned & Remote system secrets in clear text