Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveJpcertCVE-2022-41807
HistoryDec 05, 2022 - 4:15 a.m.

CVE-2022-41807

2022-12-0504:15:10
CWE-862
jpcert
web.nvd.nist.gov
42
cve
2022
41807
kyocera
mfps
printers
vulnerability
network-adjacent
authentication

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

41.7%

JSON

Missing authorization vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to alter the product settings without authentication by sending a specially crafted request. Affected products/versions are as follows: TASKalfa 7550ci/6550ci, TASKalfa 5550ci/4550ci/3550ci/3050ci, TASKalfa 255c/205c, TASKalfa 256ci/206ci, ECOSYS M6526cdn/M6526cidn, FS-C2126MFP/C2126MFP+/C2026MFP/C2026MFP+, TASKalfa 8000i/6500i, TASKalfa 5500i/4500i/3500i, TASKalfa 305/255, TASKalfa 306i/256i, LS-3140MFP/3140MFP+/3640MFP, ECOSYS M2535dn, LS-1135MFP/1035MFP, LS-C8650DN/C8600DN, ECOSYS P6026cdn, FS-C5250DN, LS-4300DN/4200DN/2100DN, ECOSYS P4040dn, ECOSYS P2135dn, and FS-1370DN.

Affected configurations

Nvd
Node
kyocerataskalfa_7550ci_firmwareMatch-
AND
kyocerataskalfa_7550ciMatch-
Node
kyocerataskalfa_6550ci_firmwareMatch-
AND
kyocerataskalfa_6550ciMatch-
Node
kyocerataskalfa_5550ci_firmwareMatch-
AND
kyocerataskalfa_5550ciMatch-
Node
kyocerataskalfa_4550ci_firmwareMatch-
AND
kyocerataskalfa_4550ciMatch-
Node
kyocerataskalfa_3550ci_firmwareMatch-
AND
kyocerataskalfa_3550ciMatch-
Node
kyocerataskalfa_3050ci_firmwareMatch-
AND
kyocerataskalfa_3050ciMatch-
Node
kyocerataskalfa_255c_firmwareMatch-
AND
kyocerataskalfa_255cMatch-
Node
kyocerataskalfa_205c_firmwareMatch-
AND
kyocerataskalfa_205cMatch-
Node
kyocerataskalfa_256ci_firmwareMatch-
AND
kyocerataskalfa_256ciMatch-
Node
kyocerataskalfa_206ci_firmwareMatch-
AND
kyocerataskalfa_206ciMatch-
Node
kyoceraecosys_m6526cdn_firmwareMatch-
AND
kyoceraecosys_m6526cdnMatch-
Node
kyoceraecosys_m6526cidn_firmwareMatch-
AND
kyoceraecosys_m6526cidnMatch-
Node
kyocerafs-c2126mfp_firmwareMatch-
AND
kyocerafs-c2126mfpMatch-
Node
kyocerafs-c2126mfp\+_firmwareMatch-
AND
kyocerafs-c2126mfp\+Match-
Node
kyocerafs-c2026mfp_firmwareMatch-
AND
kyocerafs-c2026mfpMatch-
Node
kyocerataskalfa_8000i_firmwareMatch-
AND
kyocerataskalfa_8000iMatch-
Node
kyocerataskalfa_6500i_firmwareMatch-
AND
kyocerataskalfa_6500iMatch-
Node
kyocerataskalfa_5500i_firmwareMatch-
AND
kyocerataskalfa_5500iMatch-
Node
kyocerataskalfa_4500i_firmwareMatch-
AND
kyocerataskalfa_4500iMatch-
Node
kyocerataskalfa_3500i_firmwareMatch-
AND
kyocerataskalfa_3500iMatch-
Node
kyocerataskalfa_305_firmwareMatch-
AND
kyocerataskalfa_305Match-
Node
kyocerataskalfa_255_firmwareMatch-
AND
kyocerataskalfa_255Match-
Node
kyocerataskalfa_306i_firmwareMatch-
AND
kyocerataskalfa_306iMatch-
Node
kyocerataskalfa_256i_firmwareMatch-
AND
kyocerataskalfa_256iMatch-
Node
kyocerals-3140mfp_firmwareMatch-
AND
kyocerals-3140mfpMatch-
Node
kyocerals-3140mfp\+_firmwareMatch-
AND
kyocerals-3140mfp\+Match-
Node
kyocerals-3640mfp_firmwareMatch-
AND
kyocerals-3640mfpMatch-
Node
kyoceraecosys_m2535dn_firmwareMatch-
AND
kyoceraecosys_m2535dnMatch-
Node
kyocerals-1135mfp_firmwareMatch-
AND
kyocerals-1135mfpMatch-
Node
kyocerals-1035mfp_firmwareMatch-
AND
kyocerals-1035mfpMatch-
Node
kyocerals-c8650dn_firmwareMatch-
AND
kyocerals-c8650dnMatch-
Node
kyocerals-c8600dn_firmwareMatch-
AND
kyocerals-c8600dnMatch-
Node
kyoceraecosys_p6026cdn_firmwareMatch-
AND
kyoceraecosys_p6026cdnMatch-
Node
kyocerafs-c5250dn_firmwareMatch-
AND
kyocerafs-c5250dnMatch-
Node
kyocerals-4300dn_firmwareMatch-
AND
kyocerals-4300dnMatch-
Node
kyocerals-4200dn_firmwareMatch-
AND
kyocerals-4200dnMatch-
Node
kyocerals-2100dn_firmwareMatch-
AND
kyocerals-2100dnMatch-
Node
kyoceraecosys_p4040dn_firmwareMatch-
AND
kyoceraecosys_p4040dnMatch-
Node
kyoceraecosys_p2135dn_firmwareMatch-
AND
kyoceraecosys_p2135dnMatch-
Node
kyocerafs-1370dn_firmwareMatch-
AND
kyocerafs-1370dnMatch-
VendorProductVersionCPE
kyocerataskalfa_7550ci_firmware-cpe:2.3:o:kyocera:taskalfa_7550ci_firmware:-:*:*:*:*:*:*:*
kyocerataskalfa_7550ci-cpe:2.3:h:kyocera:taskalfa_7550ci:-:*:*:*:*:*:*:*
kyocerataskalfa_6550ci_firmware-cpe:2.3:o:kyocera:taskalfa_6550ci_firmware:-:*:*:*:*:*:*:*
kyocerataskalfa_6550ci-cpe:2.3:h:kyocera:taskalfa_6550ci:-:*:*:*:*:*:*:*
kyocerataskalfa_5550ci_firmware-cpe:2.3:o:kyocera:taskalfa_5550ci_firmware:-:*:*:*:*:*:*:*
kyocerataskalfa_5550ci-cpe:2.3:h:kyocera:taskalfa_5550ci:-:*:*:*:*:*:*:*
kyocerataskalfa_4550ci_firmware-cpe:2.3:o:kyocera:taskalfa_4550ci_firmware:-:*:*:*:*:*:*:*
kyocerataskalfa_4550ci-cpe:2.3:h:kyocera:taskalfa_4550ci:-:*:*:*:*:*:*:*
kyocerataskalfa_3550ci_firmware-cpe:2.3:o:kyocera:taskalfa_3550ci_firmware:-:*:*:*:*:*:*:*
kyocerataskalfa_3550ci-cpe:2.3:h:kyocera:taskalfa_3550ci:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 801

CNA Affected

[
  {
    "vendor": "KYOCERA Document Solutions Inc.",
    "product": "Kyocera Document Solutions MFPs and printers",
    "versions": [
      {
        "version": "A wide range of products is affected.  For the specific products/versions information, see the URL provided by the vendor which is listed in [Reference] section.",
        "status": "affected"
      }
    ]
  }
]

Related

prion 1
nvd 1
cvelist 1
jvn 1
prion
prion
Authorization
2022-12-05 04:15:00
nvd
nvd
CVE-2022-41807
2022-12-05 04:15:10
cvelist
cvelist
CVE-2022-41807
2022-12-05 00:00:00
jvn
jvn
JVN#46345126: Multiple vulnerabilities in the web interfaces of Kyocera Document Solutions MFPs and printers
2022-11-01 00:00:00

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

41.7%

JSON
Related for CVE-2022-41807
prion1nvd1cvelist1jvn1