Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for net_viewer by kyocera

    CVE-2022-1026 (GCVE-0-2022-1026)

    Vulnerability from nvd – Published: 2022-04-04 14:15 – Updated: 2024-09-16 20:06
    Title
    Kyocera Net View Address Book Exposure
    Summary
    Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.
    CWE
    • CWE-522 - Insufficiently Protected Credentials
    Assigner
    References
    Impacted products
    Vendor Product Version
    Kyocera Multifunction Printer Net Viewer Affected: 2S0_1000.005.0012S5_2000.002.505 , ≤ 2S0_1000.005.0012S5_2000.002.505 (custom)
    Create a notification for this product.
    Date Public
    2022-03-29 00:00
    Credits
    Aaron Herndon, Rapid7
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T23:47:43.294Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Multifunction Printer Net Viewer",
              "vendor": "Kyocera",
              "versions": [
                {
                  "lessThanOrEqual": "2S0_1000.005.0012S5_2000.002.505",
                  "status": "affected",
                  "version": "2S0_1000.005.0012S5_2000.002.505",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Aaron Herndon, Rapid7"
            }
          ],
          "datePublic": "2022-03-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-522",
                  "description": "CWE-522 Insufficiently Protected Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-04T14:15:18.000Z",
            "orgId": "9974b330-7714-4307-a722-5648477acda7",
            "shortName": "rapid7"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Kyocera Net View Address Book Exposure",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@rapid7.com",
              "DATE_PUBLIC": "2022-03-29T13:05:00.000Z",
              "ID": "CVE-2022-1026",
              "STATE": "PUBLIC",
              "TITLE": "Kyocera Net View Address Book Exposure"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Multifunction Printer Net Viewer",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "2S0_1000.005.0012S5_2000.002.505",
                                "version_value": "2S0_1000.005.0012S5_2000.002.505"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Kyocera"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Aaron Herndon, Rapid7"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-522 Insufficiently Protected Credentials"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html"
                },
                {
                  "name": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/",
                  "refsource": "MISC",
                  "url": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
        "assignerShortName": "rapid7",
        "cveId": "CVE-2022-1026",
        "datePublished": "2022-04-04T14:15:18.324Z",
        "dateReserved": "2022-03-18T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:06:43.800Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-1026 (GCVE-0-2022-1026)

    Vulnerability from cvelistv5 – Published: 2022-04-04 14:15 – Updated: 2024-09-16 20:06
    Title
    Kyocera Net View Address Book Exposure
    Summary
    Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.
    CWE
    • CWE-522 - Insufficiently Protected Credentials
    Assigner
    References
    Impacted products
    Vendor Product Version
    Kyocera Multifunction Printer Net Viewer Affected: 2S0_1000.005.0012S5_2000.002.505 , ≤ 2S0_1000.005.0012S5_2000.002.505 (custom)
    Create a notification for this product.
    Date Public
    2022-03-29 00:00
    Credits
    Aaron Herndon, Rapid7
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T23:47:43.294Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Multifunction Printer Net Viewer",
              "vendor": "Kyocera",
              "versions": [
                {
                  "lessThanOrEqual": "2S0_1000.005.0012S5_2000.002.505",
                  "status": "affected",
                  "version": "2S0_1000.005.0012S5_2000.002.505",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Aaron Herndon, Rapid7"
            }
          ],
          "datePublic": "2022-03-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-522",
                  "description": "CWE-522 Insufficiently Protected Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-04T14:15:18.000Z",
            "orgId": "9974b330-7714-4307-a722-5648477acda7",
            "shortName": "rapid7"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Kyocera Net View Address Book Exposure",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@rapid7.com",
              "DATE_PUBLIC": "2022-03-29T13:05:00.000Z",
              "ID": "CVE-2022-1026",
              "STATE": "PUBLIC",
              "TITLE": "Kyocera Net View Address Book Exposure"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Multifunction Printer Net Viewer",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "2S0_1000.005.0012S5_2000.002.505",
                                "version_value": "2S0_1000.005.0012S5_2000.002.505"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Kyocera"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Aaron Herndon, Rapid7"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-522 Insufficiently Protected Credentials"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html"
                },
                {
                  "name": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/",
                  "refsource": "MISC",
                  "url": "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
        "assignerShortName": "rapid7",
        "cveId": "CVE-2022-1026",
        "datePublished": "2022-04-04T14:15:18.324Z",
        "dateReserved": "2022-03-18T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:06:43.800Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }