ByteOS Network

NVD Vulnerability Details :

CVE-2024-41995

Awaiting Analysis

Source-vultures@jpcert.or.jp

Published At-06 Aug, 2024 | 07:15

Updated At-24 Mar, 2025 | 18:15

Initialization of a resource with an insecure default vulnerability exists in JavaTM Platform Ver.12.89 and earlier. If this vulnerability is exploited, the product may be affected by some known TLS1.0 and TLS1.1 vulnerabilities. As for the specific products/models/versions of MFPs and printers that contain JavaTM Platform, see the information provided by the vendor.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Type: Secondary

Version: 3.1

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Weaknesses

CWE ID	Type	Source
CWE-1188	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

CWE ID: CWE-1188

Type: Secondary

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
https://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2024-000010	vultures@jpcert.or.jp	N/A
https://jvn.jp/en/jp/JVN78728294/	vultures@jpcert.or.jp	N/A
https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000010	vultures@jpcert.or.jp	N/A