Lucene search
HistoryDec 07, 2022 - 4:15 a.m.
CVE-2022-37406
aficio sp 4210n
cross-site scripting
firmware vulnerability
4.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
41.4%
Cross-site scripting vulnerability in Aficio SP 4210N firmware versions prior to Web Support 1.05 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
Affected configurations
Node
ricohaficio_sp_4210n_firmwareRange<1.05
ricohaficio_sp_4210nMatch-
Related
nessus
nessus
RICOH Aficio SP 4210N Cross-site Scripting (CVE-2022-37406)
2024-02-14 00:00:00
cvelist
cvelist
CVE-2022-37406
2022-12-07 00:00:00
cve
cve
CVE-2022-37406
2022-12-07 04:15:10
jvn
jvn
JVN#24659622: RICOH Aficio SP 4210N vulnerable to cross-site scripting
2022-11-16 00:00:00
prion
prion
Cross site scripting
2022-12-07 04:15:00
4.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
41.4%
Related for NVD:CVE-2022-37406