Vulnerability Description
Initialization of a resource with an insecure default vulnerability exists in JavaTM Platform Ver.12.89 and earlier. If this vulnerability is exploited, the product may be affected by some known TLS1.0 and TLS1.1 vulnerabilities. As for the specific products/models/versions of MFPs and printers that contain JavaTM Platform, see the information provided by the vendor.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2024-000010
- https://jvn.jp/en/jp/JVN78728294/
- https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2024-000010
FAQ
What is CVE-2024-41995?
CVE-2024-41995 is a vulnerability with a CVSS score of 7.5 (HIGH). Initialization of a resource with an insecure default vulnerability exists in JavaTM Platform Ver.12.89 and earlier. If this vulnerability is exploited, the product may be affected by some known TLS1....
How severe is CVE-2024-41995?
CVE-2024-41995 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-41995?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.