CVE-2022-1026
8.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Summary
Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Kyocera | Multifunction Printer Net Viewer | 2S0_1000.005.0012S5_2000.002.505 <= 2S0_1000.005.0012S5_2000.002.505 | affected |
Weaknesses
- CWE-522: CWE-522 Insufficiently Protected Credentials
ADP Enrichment
CVE Program Container
Additional References
- https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html
- https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/
References
- https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html
- https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.