CVE-2024-55931

EUVD-2024-52855
Xerox Workplace Suite stores tokens in session storage, which may expose them to potential access if a user's session is compromised. 

The patch for this vulnerability will be included in a future release of Workplace Suite, and customers will be notified through an update to the security bulletin.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
XeroxCNA
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 32%
Affected Products (NVD)
VendorProductVersion
xeroxworkplace_suite
𝑥
< 5.6.701.9
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf