Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Ricoh Streamline NX PC Client by RICOH COMPANY, LTD.

    CVE-2024-37387 (GCVE-0-2024-37387)

    Vulnerability from nvd – Published: 2024-06-19 06:40 – Updated: 2024-08-02 03:50
    VLAI
    Summary
    Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this vulnerability is exploited, files in the PC where the product is installed may be altered.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Use of potentially dangerous function
    • CWE-676 - Use of Potentially Dangerous Function
    Assigner
    Impacted products
    Vendor Product Version
    RICOH COMPANY, LTD. Ricoh Streamline NX PC Client Affected: ver.3.2.1.19
    Affected: ver.3.3.1.3
    Affected: ver.3.3.2.201
    Affected: ver.3.4.3.1
    Affected: ver.3.5.1.201 (ver.3.5.1.200op1)
    Affected: ver.3.6.100.53
    Affected: and ver.3.6.2.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-37387",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-21T14:51:30.816250Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-676",
                    "description": "CWE-676 Use of Potentially Dangerous Function",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-21T14:57:55.163Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T03:50:56.267Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000007"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN00442488/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Ricoh Streamline NX PC Client",
              "vendor": "RICOH COMPANY, LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "ver.3.2.1.19"
                },
                {
                  "status": "affected",
                  "version": " ver.3.3.1.3"
                },
                {
                  "status": "affected",
                  "version": " ver.3.3.2.201"
                },
                {
                  "status": "affected",
                  "version": " ver.3.4.3.1"
                },
                {
                  "status": "affected",
                  "version": " ver.3.5.1.201 (ver.3.5.1.200op1)"
                },
                {
                  "status": "affected",
                  "version": " ver.3.6.100.53"
                },
                {
                  "status": "affected",
                  "version": " and ver.3.6.2.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this vulnerability is exploited, files in the PC where the product is installed may be altered."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use of potentially dangerous function",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-19T06:40:58.899Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000007"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN00442488/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2024-37387",
        "datePublished": "2024-06-19T06:40:58.899Z",
        "dateReserved": "2024-06-07T06:42:24.850Z",
        "dateUpdated": "2024-08-02T03:50:56.267Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-37124 (GCVE-0-2024-37124)

    Vulnerability from nvd – Published: 2024-06-19 06:40 – Updated: 2024-08-02 03:50
    VLAI
    Summary
    Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this vulnerability is exploited, an attacker may create an arbitrary file in the PC where the product is installed.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Use of potentially dangerous function
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Vendor Product Version
    RICOH COMPANY, LTD. Ricoh Streamline NX PC Client Affected: ver.3.2.1.19
    Affected: ver.3.3.1.3
    Affected: ver.3.3.2.201
    Affected: ver.3.4.3.1
    Affected: ver.3.5.1.201 (ver.3.5.1.200op1)
    Affected: ver.3.6.100.53
    Affected: and ver.3.6.2.1
    Create a notification for this product.
    ricoh streamline_nx_pc_client Affected: ver.3.2.1.19
        cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ricoh streamline_nx_pc_client Affected: ver.3.3.1.3
        cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ricoh streamline_nx_pc_client Affected: ver.3.3.2.201
        cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ricoh streamline_nx_pc_client Affected: ver.3.4.3.1
        cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ricoh streamline_nx_pc_client Affected: ver.3.5.1.201\/ver.3.5.1.200op1\/
        cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ricoh streamline_nx_pc_client Affected: ver.3.6.100.53
        cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ricoh streamline_nx_pc_client Affected: ver.3.6.2.1
        cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "streamline_nx_pc_client",
                "vendor": "ricoh",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ver.3.2.1.19"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "streamline_nx_pc_client",
                "vendor": "ricoh",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ver.3.3.1.3"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "streamline_nx_pc_client",
                "vendor": "ricoh",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ver.3.3.2.201"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "streamline_nx_pc_client",
                "vendor": "ricoh",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ver.3.4.3.1"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "streamline_nx_pc_client",
                "vendor": "ricoh",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ver.3.5.1.201\\/ver.3.5.1.200op1\\/"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "streamline_nx_pc_client",
                "vendor": "ricoh",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ver.3.6.100.53"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "streamline_nx_pc_client",
                "vendor": "ricoh",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ver.3.6.2.1"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-37124",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-20T15:32:35.494081Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-20T15:44:52.938Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T03:50:54.525Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000006"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN00442488/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Ricoh Streamline NX PC Client",
              "vendor": "RICOH COMPANY, LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "ver.3.2.1.19"
                },
                {
                  "status": "affected",
                  "version": " ver.3.3.1.3"
                },
                {
                  "status": "affected",
                  "version": " ver.3.3.2.201"
                },
                {
                  "status": "affected",
                  "version": " ver.3.4.3.1"
                },
                {
                  "status": "affected",
                  "version": " ver.3.5.1.201 (ver.3.5.1.200op1)"
                },
                {
                  "status": "affected",
                  "version": " ver.3.6.100.53"
                },
                {
                  "status": "affected",
                  "version": " and ver.3.6.2.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this vulnerability is exploited, an attacker may create an arbitrary file in the PC where the product is installed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use of potentially dangerous function",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-19T06:40:52.358Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000006"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN00442488/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2024-37124",
        "datePublished": "2024-06-19T06:40:52.358Z",
        "dateReserved": "2024-06-03T11:46:18.673Z",
        "dateUpdated": "2024-08-02T03:50:54.525Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-37387 (GCVE-0-2024-37387)

    Vulnerability from cvelistv5 – Published: 2024-06-19 06:40 – Updated: 2024-08-02 03:50
    VLAI
    Summary
    Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this vulnerability is exploited, files in the PC where the product is installed may be altered.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Use of potentially dangerous function
    • CWE-676 - Use of Potentially Dangerous Function
    Assigner
    Impacted products
    Vendor Product Version
    RICOH COMPANY, LTD. Ricoh Streamline NX PC Client Affected: ver.3.2.1.19
    Affected: ver.3.3.1.3
    Affected: ver.3.3.2.201
    Affected: ver.3.4.3.1
    Affected: ver.3.5.1.201 (ver.3.5.1.200op1)
    Affected: ver.3.6.100.53
    Affected: and ver.3.6.2.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-37387",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-21T14:51:30.816250Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-676",
                    "description": "CWE-676 Use of Potentially Dangerous Function",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-21T14:57:55.163Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T03:50:56.267Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000007"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN00442488/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Ricoh Streamline NX PC Client",
              "vendor": "RICOH COMPANY, LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "ver.3.2.1.19"
                },
                {
                  "status": "affected",
                  "version": " ver.3.3.1.3"
                },
                {
                  "status": "affected",
                  "version": " ver.3.3.2.201"
                },
                {
                  "status": "affected",
                  "version": " ver.3.4.3.1"
                },
                {
                  "status": "affected",
                  "version": " ver.3.5.1.201 (ver.3.5.1.200op1)"
                },
                {
                  "status": "affected",
                  "version": " ver.3.6.100.53"
                },
                {
                  "status": "affected",
                  "version": " and ver.3.6.2.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this vulnerability is exploited, files in the PC where the product is installed may be altered."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use of potentially dangerous function",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-19T06:40:58.899Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000007"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN00442488/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2024-37387",
        "datePublished": "2024-06-19T06:40:58.899Z",
        "dateReserved": "2024-06-07T06:42:24.850Z",
        "dateUpdated": "2024-08-02T03:50:56.267Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-37124 (GCVE-0-2024-37124)

    Vulnerability from cvelistv5 – Published: 2024-06-19 06:40 – Updated: 2024-08-02 03:50
    VLAI
    Summary
    Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this vulnerability is exploited, an attacker may create an arbitrary file in the PC where the product is installed.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Use of potentially dangerous function
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Vendor Product Version
    RICOH COMPANY, LTD. Ricoh Streamline NX PC Client Affected: ver.3.2.1.19
    Affected: ver.3.3.1.3
    Affected: ver.3.3.2.201
    Affected: ver.3.4.3.1
    Affected: ver.3.5.1.201 (ver.3.5.1.200op1)
    Affected: ver.3.6.100.53
    Affected: and ver.3.6.2.1
    Create a notification for this product.
    ricoh streamline_nx_pc_client Affected: ver.3.2.1.19
        cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ricoh streamline_nx_pc_client Affected: ver.3.3.1.3
        cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ricoh streamline_nx_pc_client Affected: ver.3.3.2.201
        cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ricoh streamline_nx_pc_client Affected: ver.3.4.3.1
        cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ricoh streamline_nx_pc_client Affected: ver.3.5.1.201\/ver.3.5.1.200op1\/
        cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ricoh streamline_nx_pc_client Affected: ver.3.6.100.53
        cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    ricoh streamline_nx_pc_client Affected: ver.3.6.2.1
        cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "streamline_nx_pc_client",
                "vendor": "ricoh",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ver.3.2.1.19"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "streamline_nx_pc_client",
                "vendor": "ricoh",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ver.3.3.1.3"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "streamline_nx_pc_client",
                "vendor": "ricoh",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ver.3.3.2.201"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "streamline_nx_pc_client",
                "vendor": "ricoh",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ver.3.4.3.1"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "streamline_nx_pc_client",
                "vendor": "ricoh",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ver.3.5.1.201\\/ver.3.5.1.200op1\\/"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "streamline_nx_pc_client",
                "vendor": "ricoh",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ver.3.6.100.53"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:ricoh:streamline_nx_pc_client:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "streamline_nx_pc_client",
                "vendor": "ricoh",
                "versions": [
                  {
                    "status": "affected",
                    "version": "ver.3.6.2.1"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-37124",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-20T15:32:35.494081Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-20T15:44:52.938Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T03:50:54.525Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000006"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN00442488/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Ricoh Streamline NX PC Client",
              "vendor": "RICOH COMPANY, LTD.",
              "versions": [
                {
                  "status": "affected",
                  "version": "ver.3.2.1.19"
                },
                {
                  "status": "affected",
                  "version": " ver.3.3.1.3"
                },
                {
                  "status": "affected",
                  "version": " ver.3.3.2.201"
                },
                {
                  "status": "affected",
                  "version": " ver.3.4.3.1"
                },
                {
                  "status": "affected",
                  "version": " ver.3.5.1.201 (ver.3.5.1.200op1)"
                },
                {
                  "status": "affected",
                  "version": " ver.3.6.100.53"
                },
                {
                  "status": "affected",
                  "version": " and ver.3.6.2.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this vulnerability is exploited, an attacker may create an arbitrary file in the PC where the product is installed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use of potentially dangerous function",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-19T06:40:52.358Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000006"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN00442488/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2024-37124",
        "datePublished": "2024-06-19T06:40:52.358Z",
        "dateReserved": "2024-06-03T11:46:18.673Z",
        "dateUpdated": "2024-08-02T03:50:54.525Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }