Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
2 vulnerabilities found for Multifunction Printer Net Viewer by Kyocera
CVE-2022-1026 (GCVE-0-2022-1026)
Vulnerability from nvd – Published: 2022-04-04 14:15 – Updated: 2024-09-16 20:06
VLAI?
Title
Kyocera Net View Address Book Exposure
Summary
Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.
Severity ?
8.6 (High)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kyocera | Multifunction Printer Net Viewer |
Affected:
2S0_1000.005.0012S5_2000.002.505 , ≤ 2S0_1000.005.0012S5_2000.002.505
(custom)
|
Date Public ?
2022-03-29 00:00
Credits
Aaron Herndon, Rapid7
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:43.294Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Multifunction Printer Net Viewer",
"vendor": "Kyocera",
"versions": [
{
"lessThanOrEqual": "2S0_1000.005.0012S5_2000.002.505",
"status": "affected",
"version": "2S0_1000.005.0012S5_2000.002.505",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Aaron Herndon, Rapid7"
}
],
"datePublic": "2022-03-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-04T14:15:18.000Z",
"orgId": "9974b330-7714-4307-a722-5648477acda7",
"shortName": "rapid7"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Kyocera Net View Address Book Exposure",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@rapid7.com",
"DATE_PUBLIC": "2022-03-29T13:05:00.000Z",
"ID": "CVE-2022-1026",
"STATE": "PUBLIC",
"TITLE": "Kyocera Net View Address Book Exposure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Multifunction Printer Net Viewer",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2S0_1000.005.0012S5_2000.002.505",
"version_value": "2S0_1000.005.0012S5_2000.002.505"
}
]
}
}
]
},
"vendor_name": "Kyocera"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Aaron Herndon, Rapid7"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-522 Insufficiently Protected Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html",
"refsource": "CONFIRM",
"url": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html"
},
{
"name": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/",
"refsource": "MISC",
"url": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
"assignerShortName": "rapid7",
"cveId": "CVE-2022-1026",
"datePublished": "2022-04-04T14:15:18.324Z",
"dateReserved": "2022-03-18T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:06:43.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1026 (GCVE-0-2022-1026)
Vulnerability from cvelistv5 – Published: 2022-04-04 14:15 – Updated: 2024-09-16 20:06
VLAI?
Title
Kyocera Net View Address Book Exposure
Summary
Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.
Severity ?
8.6 (High)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kyocera | Multifunction Printer Net Viewer |
Affected:
2S0_1000.005.0012S5_2000.002.505 , ≤ 2S0_1000.005.0012S5_2000.002.505
(custom)
|
Date Public ?
2022-03-29 00:00
Credits
Aaron Herndon, Rapid7
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:43.294Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Multifunction Printer Net Viewer",
"vendor": "Kyocera",
"versions": [
{
"lessThanOrEqual": "2S0_1000.005.0012S5_2000.002.505",
"status": "affected",
"version": "2S0_1000.005.0012S5_2000.002.505",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Aaron Herndon, Rapid7"
}
],
"datePublic": "2022-03-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-04T14:15:18.000Z",
"orgId": "9974b330-7714-4307-a722-5648477acda7",
"shortName": "rapid7"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Kyocera Net View Address Book Exposure",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@rapid7.com",
"DATE_PUBLIC": "2022-03-29T13:05:00.000Z",
"ID": "CVE-2022-1026",
"STATE": "PUBLIC",
"TITLE": "Kyocera Net View Address Book Exposure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Multifunction Printer Net Viewer",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2S0_1000.005.0012S5_2000.002.505",
"version_value": "2S0_1000.005.0012S5_2000.002.505"
}
]
}
}
]
},
"vendor_name": "Kyocera"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Aaron Herndon, Rapid7"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-522 Insufficiently Protected Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html",
"refsource": "CONFIRM",
"url": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html"
},
{
"name": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/",
"refsource": "MISC",
"url": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
"assignerShortName": "rapid7",
"cveId": "CVE-2022-1026",
"datePublished": "2022-04-04T14:15:18.324Z",
"dateReserved": "2022-03-18T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:06:43.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}