← Voltar para CVEs
CVE-2026-21409
N/ADescricao
Improper authorization vulnerability exists in RICOH Streamline NX 3.5.1 to 24R3. If a man-in-the-middle attack is conducted on the communication between the affected product and its user, and some crafted request is processed by the product, the user's registration information and/or OIDC (OpenID Connect) tokens may be retrieved.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado1/9/2026
Ultima modificacao1/13/2026
Fontenvd
Avistamentos honeypot0
Fraquezas (CWE)
CWE-639
Referencias
https://jvn.jp/en/jp/JVN12770174/(vultures@jpcert.or.jp)
https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000011(vultures@jpcert.or.jp)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.