CVE-2024-36480 Vulnerability Details

  /     /     /  

CVE-2024-36480 Metadata Quick Info

CVE Published: 19/06/2024 | CVE Updated: 02/08/2024 | CVE Year: 2024
Source: jpcert | Vendor: CVE-2024-36480 | Product: Ricoh Streamline NX PC Client
Status : PUBLISHED

CVE-2024-36480 Description

Use of hard-coded credentials issue exists in Ricoh Streamline NX PC Client ver.3.7.2 and earlier. If this vulnerability is exploited, an attacker may obtain LocalSystem Account of the PC where the product is installed. As a result, unintended operations may be performed on the PC.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Use of Hard-coded Credentials
Source: CVE-2024-36480

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).