CVE-2022-43969 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.1 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
mitre	CNA	---				---
CVE	ADP	---				---
CISA-ADP	ADP	9.1 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 39%

Vendor	Product	Version
ricoh	mp_c307_firmware	𝑥 ≤ 1.14
ricoh	mp_c407_firmware	𝑥 ≤ 1.14
ricoh	mp_c406_firmware	𝑥 ≤ 1.20
ricoh	mp_c306_firmware	𝑥 ≤ 1.20
ricoh	im_cw2200_firmware	𝑥 ≤ 1.01
ricoh	im_cw2201_firmware	𝑥 ≤ 1.11
ricoh	mp_402spf_firmware	𝑥 ≤ 1.12
ricoh	mp_c2003_smart_operation_panel_firmware	𝑥 ≤ 1.14
ricoh	mp_c2503_smart_operation_panel_firmware	𝑥 ≤ 1.14
ricoh	mp_c2003_firmware	𝑥 ≤ 1.17
ricoh	mp_c2503_firmware	𝑥 ≤ 1.17
ricoh	mp_c4503_firmware	𝑥 ≤ 1.12
ricoh	mp_c5503_firmware	𝑥 ≤ 1.12
ricoh	mp_c6003_firmware	𝑥 ≤ 1.12
ricoh	mp_c3003_firmware	𝑥 ≤ 1.19
ricoh	mp_c3503_firmware	𝑥 ≤ 1.19
ricoh	mp_c4503_smart_operation_panel_firmware	𝑥 ≤ 2.17
ricoh	mp_c5503_smart_operation_panel_firmware	𝑥 ≤ 2.17
ricoh	mp_c6003_smart_operation_panel_firmware	𝑥 ≤ 2.17
ricoh	mp_c3003_smart_operation_panel_firmware	𝑥 ≤ 2.15
ricoh	mp_c3503_smart_operation_panel_firmware	𝑥 ≤ 2.15
ricoh	mp_c2004ex_firmware	𝑥 ≤ 1.15
ricoh	mp_c2504ex_firmware	𝑥 ≤ 1.15
ricoh	mp_c4504ex_firmware	𝑥 ≤ 1.15
ricoh	mp_c5504ex_firmware	𝑥 ≤ 1.15
ricoh	mp_c6004ex_firmware	𝑥 ≤ 1.15
ricoh	mp_c3004ex_firmware	𝑥 ≤ 1.15
ricoh	mp_c3504ex_firmware	𝑥 ≤ 1.15
ricoh	pro_c5300s_firmware	𝑥 ≤ 1.07
ricoh	pro_c5310s_firmware	𝑥 ≤ 1.07
ricoh	m_c2001_firmware	𝑥 ≤ 1.01
ricoh	im_c530f_firmware	𝑥 ≤ 6.17
ricoh	im_c530fb_firmware	𝑥 ≤ 6.17
ricoh	im_350f_firmware	𝑥 ≤ 1.10
ricoh	im_350_firmware	𝑥 ≤ 1.10
ricoh	im_430f_firmware	𝑥 ≤ 1.10
ricoh	im_430fb_firmware	𝑥 ≤ 1.10
ricoh	mp_305\+_firmware	𝑥 ≤ 1.12
ricoh	im_350_firmware	𝑥 ≤ 1.10
ricoh	im_430fb_firmware	𝑥 ≤ 1.10
ricoh	im_550f_firmware	𝑥 ≤ 5.02
ricoh	im_600f_firmware	𝑥 ≤ 5.02
ricoh	im_600srf_firmware	𝑥 ≤ 5.02
ricoh	im_7000_firmware	𝑥 ≤ 2.02
ricoh	im_8000_firmware	𝑥 ≤ 2.02
ricoh	im_9000_firmware	𝑥 ≤ 2.02
ricoh	mp_2555_firmware	𝑥 ≤ 1.18
ricoh	mp_3055_firmware	𝑥 ≤ 1.18
ricoh	mp_3555_firmware	𝑥 ≤ 1.18
ricoh	mp_4055_firmware	𝑥 ≤ 1.18
ricoh	mp_5055_firmware	𝑥 ≤ 1.18
ricoh	mp_6055_firmware	𝑥 ≤ 1.18
ricoh	im_2500_firmware	𝑥 ≤ 4.02
ricoh	im_3000_firmware	𝑥 ≤ 4.02
ricoh	im_3500_firmware	𝑥 ≤ 4.02
ricoh	im_4000_firmware	𝑥 ≤ 4.02
ricoh	im_5000_firmware	𝑥 ≤ 4.02
ricoh	im_6000_firmware	𝑥 ≤ 4.02
ricoh	im_2702_firmware	𝑥 ≤ 1.12
ricoh	im_c400f_firmware	𝑥 ≤ 5.03
ricoh	im_c300f_firmware	𝑥 ≤ 5.03
ricoh	im_c300_firmware	𝑥 ≤ 5.03
ricoh	im_c400srf_firmware	𝑥 ≤ 5.03
ricoh	im_c2000_firmware	𝑥 ≤ 6.03
ricoh	im_c2500_firmware	𝑥 ≤ 6.03
ricoh	im_c6000_firmware	𝑥 ≤ 6.03
ricoh	im_c5500_firmware	𝑥 ≤ 6.03
ricoh	im_c3000_firmware	𝑥 ≤ 6.03
ricoh	im_c3500_firmware	𝑥 ≤ 6.03
ricoh	im_c4500_firmware	𝑥 ≤ 6.03
ricoh	mp_c2504_firmware	𝑥 ≤ 1.21
ricoh	mp_c2004_firmware	𝑥 ≤ 1.21
ricoh	mp_c4504_firmware	𝑥 ≤ 1.22
ricoh	mp_c5504_firmware	𝑥 ≤ 1.22
ricoh	mp_c6004_firmware	𝑥 ≤ 1.22
ricoh	mp_c3504_firmware	𝑥 ≤ 1.21
ricoh	mp_c3004_firmware	𝑥 ≤ 1.21
ricoh	im_c6500_firmware	𝑥 ≤ 4.0
ricoh	im_c8000_firmware	𝑥 ≤ 4.0

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-522 - Insufficiently Protected Credentials
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References

https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2022-000002

https://www.ricoh.com/software/dev_soft_manager

https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2022-000002

https://www.ricoh.com/software/dev_soft_manager