Specific Ricoh MFP and Printer Products - Session Management Vulnerability (CVE-2024-21824)
First published: 06:00 pm on March 06, 2024 (2024-03-06T16:00:00+09:00)
Ricoh Company, Ltd.
A vulnerability in Web Based Management could allow an unauthenticated, remote attacker to log into the server settings screen by using cookie values taken through eavesdropped communications or by attacks to the user's web browser.
List 1 below shows the vulnerable products and services. Ricoh offers countermeasures as detailed in the listed links.
Vulnerability Information ID | ricoh-2024-000002 |
Version | 1.00E |
CVE ID(CWE ID) | CVE-2024-21824 (CWE-287) |
CVSSv3 score | 5.3 MEDIUM |
List 1: Ricoh products and services affected by this vulnerability
Product/service | Link to details |
SP 230DNw | Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000166-2024-000002 |
P 201W | Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000167-2024-000002 |
M 340W | Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000168-2024-000002 |
SP 230SFNw | Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000169-2024-000002 |
M 340FW | Affected. For details, please refer to the following URL. https://www.ricoh.com/products/security/vulnerabilities/adv?id=ricoh-prod000170-2024-000002 |
Contact
Please contact your local Ricoh representative or dealer if you have any queries.
History:
2024-03-06T16:00:00+09:00 : 1.00E Initial public release
News
Keep up to date
- 30Jul
Ricoh selected for inclusion in six ESG indices for Japanese equities adopted by the GPIF
- 24Jul
UPDATED: Ricoh’s Response to Basic Authentication Phase-Out in Microsoft Exchange Online SMTP Authentication
- 18Jul
Ricoh recognised as a CDP Supplier Engagement Leader for the fifth consecutive year
- 07Jul
Ricoh named in TIME World's Most Sustainable Companies of 2025