CVE-2024-41995

high

Description

Initialization of a resource with an insecure default vulnerability exists in JavaTM Platform Ver.12.89 and earlier. If this vulnerability is exploited, the product may be affected by some known TLS1.0 and TLS1.1 vulnerabilities. As for the specific products/models/versions of MFPs and printers that contain JavaTM Platform, see the information provided by the vendor.

References

https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000010

https://jvn.jp/en/jp/JVN78728294/

https://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2024-000010

Details

Source: Mitre, NVD

Published: 2024-08-06

Updated: 2026-04-15

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00132