Xerox Releases Security Updates for DocuShare [CVE-2020-27177]
CVE number CVE-2020-27177
Xerox has released security updates for DocuShare 6.6.1, 7.0, and 7.5 to address a vulnerability that could allow an unauthenticated attacker to obtain sensitive information.
There is a hotfix that includes fixes for the following vulnerabilities:
• CVE-2020-27177 – Unauthenticated external XML entity injection
• Server-Side Request Forgery
Further info – https://securitydocs.business.xerox.com/wp-content/uploads/2020/11/cert_Security_Mini_Bulletin_XRX20W_for-DocuShare-6.61_7.0_7.5.pdf
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.