← Retour aux CVEs
CVE-2026-21409
N/ADescription
Improper authorization vulnerability exists in RICOH Streamline NX 3.5.1 to 24R3. If a man-in-the-middle attack is conducted on the communication between the affected product and its user, and some crafted request is processed by the product, the user's registration information and/or OIDC (OpenID Connect) tokens may be retrieved.
Details CVE
Score CVSS v3.1N/A
Publie1/9/2026
Derniere modification1/13/2026
Sourcenvd
Observations honeypot0
Faiblesses (CWE)
CWE-639
References
https://jvn.jp/en/jp/JVN12770174/(vultures@jpcert.or.jp)
https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000011(vultures@jpcert.or.jp)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.