CVE-2024-55931

MEDIUM
2025-01-27 10b61619-3869-496c-8a1e-f291b0e71e3f
Information Disclosure Workplace Suite
6.5
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Mar 28, 2026 - 18:05 vuln.today
CVE Published
Jan 27, 2025 - 12:15 nvd
MEDIUM 6.5

DescriptionNVD

Xerox Workplace Suite stores tokens in session storage, which may expose them to potential access if a user's session is compromised.

The patch for this vulnerability will be included in a future release of Workplace Suite, and customers will be notified through an update to the security bulletin.

AnalysisAI

Xerox Workplace Suite stores tokens in session storage, which may expose them to potential access if a user's session is compromised. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-922. Xerox Workplace Suite stores tokens in session storage, which may expose them to potential access if a user's session is compromised. The patch for this vulnerability will be included in a future release of Workplace Suite, and customers will be notified through an update to the security bulletin. Affected products include: Xerox Workplace Suite.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2024-55931 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy