ByteOS Network

CVE Vulnerability Details :

CVE-2024-41995

PUBLISHED

More Info Official Page

Assigner-jpcert

Assigner Org ID-ede6fdc4-6654-4307-a26d-3331c018e2ce

Published At-06 Aug, 2024 | 06:51

Updated At-24 Mar, 2025 | 17:15

▼CVE Numbering Authority (CNA)

Initialization of a resource with an insecure default vulnerability exists in JavaTM Platform Ver.12.89 and earlier. If this vulnerability is exploited, the product may be affected by some known TLS1.0 and TLS1.1 vulnerabilities. As for the specific products/models/versions of MFPs and printers that contain JavaTM Platform, see the information provided by the vendor.

Affected Products

Vendor

Ricoh Company, Ltd.

Product

JavaTM Platform

Versions

Affected

Ver.12.89 and earlier

Problem Types

Type	CWE ID	Description
text	N/A	Initialization of a Resource with an Insecure Default

References

Hyperlink	Resource
https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000010	N/A
https://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2024-000010	N/A
https://jvn.jp/en/jp/JVN78728294/	N/A

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Affected Products

Vendor

Ricoh Company, Ltd.

Product

javatm_platform

CPEs

cpe:2.3:a:ricoh_company_ltd:javatm_platform:*:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 before 12.89 (custom)

Problem Types

Type	CWE ID	Description
CWE	CWE-1188	CWE-1188 Initialization of a Resource with an Insecure Default

Metrics

Version	Base score	Base severity	Vector
3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References