Lucene search

[email protected]NVD:CVE-2018-16186

HistoryJan 09, 2019 - 11:29 p.m.

CVE-2018-16186

2019-01-0923:29:04

CWE-798

[email protected]

web.nvd.nist.gov

CVSS2

8.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

33.3%

JSON

RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D5510 V1.1 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.1 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) uses hard-coded credentials, which may allow an attacker on the same network segments to login to the administrators settings screen and change the configuration.

Affected configurations

Nvd

Node

ricohd2200_firmwareRange1.1–2.2

AND

ricohd2200Match-

Node

ricohd5500_firmwareRange1.1–2.2

AND

ricohd5500Match-

Node

ricohd5510_firmwareRange1.1–2.2

AND

ricohd5510Match-

Node

ricohd5520_firmwareRange1.1–2.2

ricohd5520_firmwareRange3.0–3.1.10137.0

AND

ricohd5520Match-

Node

ricohd6500_firmwareRange1.1–2.2

AND

ricohd6500Match-

Node

ricohd6510_firmwareRange1.1–2.2

ricohd6510_firmwareRange3.0–3.1.10137.0

AND

ricohd6510Match-

Node

ricohd7500_firmwareRange1.1–2.2

ricohd7500_firmwareRange3.0–3.1.10137.0

AND

ricohd7500Match-

Node

ricohd8400_firmwareRange1.1–2.2

ricohd8400_firmwareRange3.0–3.1.10137.0

AND

ricohd8400Match-

VendorProductVersionCPE
ricohd2200_firmware*cpe:2.3:o:ricoh:d2200_firmware:*:*:*:*:*:*:*:*
ricohd2200-cpe:2.3:h:ricoh:d2200:-:*:*:*:*:*:*:*
ricohd5500_firmware*cpe:2.3:o:ricoh:d5500_firmware:*:*:*:*:*:*:*:*
ricohd5500-cpe:2.3:h:ricoh:d5500:-:*:*:*:*:*:*:*
ricohd5510_firmware*cpe:2.3:o:ricoh:d5510_firmware:*:*:*:*:*:*:*:*
ricohd5510-cpe:2.3:h:ricoh:d5510:-:*:*:*:*:*:*:*
ricohd5520_firmware*cpe:2.3:o:ricoh:d5520_firmware:*:*:*:*:*:*:*:*
ricohd5520-cpe:2.3:h:ricoh:d5520:-:*:*:*:*:*:*:*
ricohd6500_firmware*cpe:2.3:o:ricoh:d6500_firmware:*:*:*:*:*:*:*:*
ricohd6500-cpe:2.3:h:ricoh:d6500:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ricoh	d2200_firmware	*	cpe:2.3:o:ricoh:d2200_firmware::::::::
ricoh	d2200	-	cpe:2.3:h:ricoh:d2200:-:::::::*
ricoh	d5500_firmware	*	cpe:2.3:o:ricoh:d5500_firmware::::::::
ricoh	d5500	-	cpe:2.3:h:ricoh:d5500:-:::::::*
ricoh	d5510_firmware	*	cpe:2.3:o:ricoh:d5510_firmware::::::::
ricoh	d5510	-	cpe:2.3:h:ricoh:d5510:-:::::::*
ricoh	d5520_firmware	*	cpe:2.3:o:ricoh:d5520_firmware::::::::
ricoh	d5520	-	cpe:2.3:h:ricoh:d5520:-:::::::*
ricoh	d6500_firmware	*	cpe:2.3:o:ricoh:d6500_firmware::::::::
ricoh	d6500	-	cpe:2.3:h:ricoh:d6500:-:::::::*

Rows per page:

1-10 of 161

References

jvn.jp/en/jp/JVN55263945/index.html

www.ricoh.com/info/2018/1127_1.html

CVSS2

8.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

33.3%

JSON

Related for NVD:CVE-2018-16186

prion1 cvelist1 cve1 openvas1 jvn1