← Volver a CVEs
CVE-2026-21409
N/ADescripcion
Improper authorization vulnerability exists in RICOH Streamline NX 3.5.1 to 24R3. If a man-in-the-middle attack is conducted on the communication between the affected product and its user, and some crafted request is processed by the product, the user's registration information and/or OIDC (OpenID Connect) tokens may be retrieved.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado1/9/2026
Ultima modificacion1/13/2026
Fuentenvd
Avistamientos honeypot0
Debilidades (CWE)
CWE-639
Referencias
https://jvn.jp/en/jp/JVN12770174/(vultures@jpcert.or.jp)
https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000011(vultures@jpcert.or.jp)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.