4.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
41.4%
Aficio SP 4210N provided by RICOH COMPANY, LTD. contains a cross-site scripting vulnerability (CWE-79) in Web Image Monitor.
An arbitrary script may be executed on the web browser of the user who is logging in to the product with the administrative privilege.
Update the firmware
Update the firmware to the latest version according to the information provided by the developer.