CVE-2019-14306 - OpenCVE

Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 2 of 2).

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Ricoh	Sp 213snw \(taiwan\) Sp 212nw Sp 221s Firmware Sp C250sf Firmware Sp 220sfnw Sp 221s Sp C262sfnw Sp 213sfnw \(taiwan\) Sp 220snw Sp 330sn Firmware Sp C262dnw Sp 212w Sp C262sfnw Firmware Sp 221snw Firmware Sp 277snwx Firmware Sp 213sfnw \(taiwan\) Firmware Sp 3710sf Firmware Sp 277sfnwx Sp 212sfw Firmware Sp 213sfnw Firmware Sp 213w M 2700 Sp 3710dn Firmware Sp 3710sf Sp 212snw Sp 330sfn Sp 330sfn Firmware Sp 221nw Sp277nwx Firmware Mp 2014 Sp 212w Firmware Sp 220nw Firmware Sp C260dnw Firmware Sp 213nw \(taiwan\) Firmware Sp 330sn Sp 220snw Firmware Sp C261dnw Firmware Sp C252dn Mp 2014d Firmware Sp 213w Firmware Sp 221sfnw Sp C250sf Sp 212sfnw Firmware Sp 212sfnw Sp 213snw Firmware Sp 213sfw Firmware Sp 212snw Firmware M 2701 Sp C252sf Sp 212nw Firmware Sp 213sfw Sp C261sfnw M 2701 Firmware Sp 221sfnw Firmware Sp C252dn Firmware Sp 277snwx Sp 277sfnwx Firmware Sp 221sf Sp 221sf Firmware Sp 213snw \(taiwan\) Firmware Mp 2014ad Sp 213snw Sp 213sfnw Sp 213nw Sp C260sfnw Firmware Sp 330dn Firmware Sp C260sfnw M 2700 Firmware Sp C261sfnw Firmware Sp 220sfnw Firmware Sp 212sfnw \(china\) Sp 213suw Sp 212sfnw \(china\) Firmware Sp 212suw Sp 3710dn Sp 330dn Sp C261dnw Mp 2014d Sp 221 Sp 212suw Firmware Sp C250dn Mp 2014 Firmware Sp277nwx Sp C260dnw Sp 213suw Firmware Sp 213nw \(taiwan\) Sp 213nw Firmware Sp C250dn Firmware Sp 221snw Sp 221 Firmware Sp C252sf Firmware Mp 2014ad Firmware Sp 220nw Sp C262dnw Firmware Sp 221nw Firmware Sp 212sfw

Configuration 1 [-]

AND

cpe:2.3:o:ricoh:sp_c250sf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_c250sf:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:ricoh:sp_c252sf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_c252sf:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:ricoh:sp_c250dn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_c250dn:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:ricoh:sp_c252dn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_c252dn:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:ricoh:sp_330sn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_330sn:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:ricoh:sp_330sfn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_330sfn:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:ricoh:sp_330dn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_330dn:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:ricoh:sp_3710sf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_3710sf:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:ricoh:sp_3710dn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_3710dn:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:ricoh:sp_c260dnw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_c260dnw:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:ricoh:sp_c260sfnw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_c260sfnw:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:ricoh:sp_c261dnw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_c261dnw:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:ricoh:sp_c261sfnw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_c261sfnw:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:ricoh:sp_c262sfnw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_c262sfnw:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:ricoh:sp_c262dnw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_c262dnw:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:ricoh:mp_2014_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:mp_2014:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:ricoh:mp_2014d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:mp_2014d:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:ricoh:mp_2014ad_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:mp_2014ad:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:ricoh:m_2700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:m_2700:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:ricoh:m_2701_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:m_2701:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:ricoh:sp_221s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_221s:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:ricoh:sp_220snw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_220snw:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:ricoh:sp_221snw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_221snw:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:ricoh:sp_221sf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_221sf:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:ricoh:sp_220sfnw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_220sfnw:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:ricoh:sp_221sfnw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_221sfnw:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:ricoh:sp_277snwx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_277snwx:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:ricoh:sp_277sfnwx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_277sfnwx:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:ricoh:sp_221_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_221:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:ricoh:sp_220nw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_220nw:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:ricoh:sp_221nw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_221nw:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:ricoh:sp277nwx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp277nwx:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:ricoh:sp_212snw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_212snw:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:ricoh:sp_212sfnw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_212sfnw:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:ricoh:sp_212sfw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_212sfw:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:ricoh:sp_212sfnw_\(china\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_212sfnw_\(china\):-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:ricoh:sp_212suw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_212suw:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:ricoh:sp_213snw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_213snw:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:ricoh:sp_213snw_\(taiwan\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_213snw_\(taiwan\):-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:ricoh:sp_213suw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_213suw:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:ricoh:sp_213sfnw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_213sfnw:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:ricoh:sp_213sfw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_213sfw:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:ricoh:sp_213sfnw_\(taiwan\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_213sfnw_\(taiwan\):-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:ricoh:sp_212nw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_212nw:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:ricoh:sp_213nw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_213nw:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:ricoh:sp_213nw_\(taiwan\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_213nw_\(taiwan\):-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:ricoh:sp_212w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_212w:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:ricoh:sp_213w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ricoh:sp_213w:-:*:*:*:*:*:*:*

References

Link	Resource
http://jvn.jp/en/jp/JVN52962201/index.html	Third Party Advisory VDB Entry
https://www.ricoh.com/info/2019/0823_1/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2020-01-10T17:59:24

Updated: 2020-02-25T04:06:01

Reserved: 2019-07-27T00:00:00

Link: CVE-2019-14306

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-01-10T18:15:11.583

Modified: 2023-01-31T19:50:19.917

Link: CVE-2019-14306

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo