CVE-2024-41995

Summary

Initialization of a resource with an insecure default vulnerability exists in JavaTM Platform Ver.12.89 and earlier. If this vulnerability is exploited, the product may be affected by some known TLS1.0 and TLS1.1 vulnerabilities. As for the specific products/models/versions of MFPs and printers that contain JavaTM Platform, see the information provided by the vendor.

Affected Software

VendorProductVersion RangeStatus
Ricoh Company, Ltd.JavaTM PlatformVer.12.89 and earlieraffected

Weaknesses

  • Initialization of a Resource with an Insecure Default

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References