Published: 2018/11/27  Last Updated: 2018/12/07
JVN#55263945
Multiple vulnerabilities in RICOH Interactive Whiteboard

Overview
RICOH Interactive Whiteboard contains multiple vulnerabilities.
Products Affected
CVE-2018-16184
- RICOH Interactive Whiteboard D2200 V1.6 to V2.2
- RICOH Interactive Whiteboard D5500 V1.6 to V2.2
- RICOH Interactive Whiteboard D5510 V1.6 to V2.2
- RICOH Interactive Whiteboard D5520
- RICOH Interactive Whiteboard D6500
- RICOH Interactive Whiteboard D6510
- RICOH Interactive Whiteboard D7500
- RICOH Interactive Whiteboard D8400
CVE-2018-16185
- RICOH Interactive Whiteboard D2200 V1.1 to V2.2
- RICOH Interactive Whiteboard D5500 V1.1 to V2.2
- RICOH Interactive Whiteboard D5510 V1.1 to V2.2
- RICOH Interactive Whiteboard D5520
- RICOH Interactive Whiteboard D6500
- RICOH Interactive Whiteboard D6510
- RICOH Interactive Whiteboard D7500
- RICOH Interactive Whiteboard D8400
CVE-2018-16186
- RICOH Interactive Whiteboard D5520
- RICOH Interactive Whiteboard D6510
- RICOH Interactive Whiteboard D7500
- RICOH Interactive Whiteboard D8400
CVE-2018-16187
- RICOH Interactive Whiteboard D2200 V1.3 to V2.2
- RICOH Interactive Whiteboard D5500 V1.3 to V2.2
- RICOH Interactive Whiteboard D5510 V1.3 to V2.2
- RICOH Interactive Whiteboard D5520
- RICOH Interactive Whiteboard D6500
- RICOH Interactive Whiteboard D6510
- RICOH Interactive Whiteboard D7500
- RICOH Interactive Whiteboard D8400
CVE-2018-16188
- RICOH Interactive Whiteboard D5520
- RICOH Interactive Whiteboard D6510
- RICOH Interactive Whiteboard D7500
- RICOH Interactive Whiteboard D8400
Description
RICOH Interactive Whiteboard provided by RICOH COMPANY, LTD. contains the multiple vulnerabilities listed below.
- Command injection (CWE-94) - CVE-2018-16184
	CVSS v3: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H  Base Score: 9.8
	CVSS v2: AV:N/AC:L/Au:N/C:C/I:C/A:C  Base Score: 10.0
- Missing file signature - CVE-2018-16185
	CVSS v3: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L  Base Score: 5.0
	CVSS v2: AV:N/AC:H/Au:N/C:P/I:P/A:P  Base Score: 5.1
- Hard-coded credentials for the administrator settings screen - CVE-2018-16186
	CVSS v3: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H  Base Score: 8.4
	CVSS v2: AV:L/AC:L/Au:N/C:C/I:C/A:C  Base Score: 7.2
- The server certificate is self-signed - CVE-2018-16187
	CVSS v3: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N  Base Score: 4.8
	CVSS v2: AV:N/AC:H/Au:N/C:P/I:P/A:N  Base Score: 4.0
- SQL injection (CWE-89) - CVE-2018-16188
	CVSS v3: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H  Base Score: 9.8
	CVSS v2: AV:N/AC:L/Au:N/C:C/I:C/A:C  Base Score: 10.0
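Added illustration, not part of the JVN advisory and not RICOH's code: the check whose absence CVE-2018-16185 describes, a detached signature verified over the complete update image against a public key pinned on the device, before anything unpacks, parses or runs the file. It is written in Go with a constructed Ed25519 key pair and a constructed stand-in for an update image; the key, the image bytes and the function names are assumptions made for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// ErrBadSignature means the image must not be unpacked, parsed or executed.
var ErrBadSignature = errors.New("update image: signature missing or invalid")

// VerifyUpdate checks a detached Ed25519 signature over a complete update image
// against a public key pinned in the device. Every byte of the image is
// authenticated before anything looks inside it; without this step, whoever can
// substitute the file on its way to the device decides what the device runs.
func VerifyUpdate(pinned ed25519.PublicKey, image, sig []byte) error {
	if len(pinned) != ed25519.PublicKeySize {
		return fmt.Errorf("pinned key has length %d, want %d", len(pinned), ed25519.PublicKeySize)
	}
	// A missing or truncated signature is a rejection, never a reason to skip the check.
	if len(sig) != ed25519.SignatureSize {
		return ErrBadSignature
	}
	if !ed25519.Verify(pinned, image, sig) {
		return ErrBadSignature
	}
	return nil
}

// SignUpdate is the vendor-side step, run on the build system that holds the
// private key; the device only ever carries the public half.
func SignUpdate(priv ed25519.PrivateKey, image []byte) []byte {
	return ed25519.Sign(priv, image)
}

// Outcome records what VerifyUpdate decided for each constructed case.
type Outcome struct {
	GenuineAccepted  bool
	TamperedRejected bool
	WrongKeyRejected bool
	UnsignedRejected bool
}

// Demo signs a constructed image, then verifies the genuine file, a copy with one
// flipped byte, the genuine file under a different pinned key, and an unsigned file.
func Demo() (Outcome, error) {
	var out Outcome
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return out, err
	}
	// Constructed stand-in for an update file; not real firmware.
	image := []byte("constructed update image v2.3: payload bytes follow ...")
	sig := SignUpdate(priv, image)

	out.GenuineAccepted = VerifyUpdate(pub, image, sig) == nil

	tampered := append([]byte(nil), image...)
	tampered[len(tampered)-1] ^= 0x01
	out.TamperedRejected = errors.Is(VerifyUpdate(pub, tampered, sig), ErrBadSignature)

	otherPub, _, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return out, err
	}
	out.WrongKeyRejected = errors.Is(VerifyUpdate(otherPub, image, sig), ErrBadSignature)

	out.UnsignedRejected = errors.Is(VerifyUpdate(pub, image, nil), ErrBadSignature)
	return out, nil
}

func main() {
	out, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", out)
}
```

The order matters: the signature is checked over the raw bytes as received, and only a nil return from `VerifyUpdate` releases the image to the installer, so a forged, altered or simply unsigned file is rejected by the same path.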
Impact
- A remote attacker may execute arbitrary commands with administrative privileges - CVE-2018-16184
- A remote attacker may cause an altered program to be executed - CVE-2018-16185
- An attacker with local access may log in to the administrator settings screen and change the configuration - CVE-2018-16186
- An attacker positioned as a man-in-the-middle may eavesdrop on the encrypted communication, since clients have no trusted issuer against which to validate the device's certificate - CVE-2018-16187
- A remote attacker may obtain or alter the information in the database - CVE-2018-16188
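Added illustration, not part of the JVN advisory and not RICOH's code: a Go check for the condition behind CVE-2018-16187, whether the certificate a TLS server presents is self-signed, which an operator can run against any device on the network. The two certificates it tests are constructed inside the block (a device certificate that signs itself and a leaf issued by a private CA); the names, the address in the comment and the function names are assumptions made for this example.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// IsSelfSigned reports whether a DER-encoded X.509 certificate is self-signed:
// Issuer equals Subject and the signature verifies under the certificate's own
// key. Such a certificate chains to no trusted CA, so a client that connects
// anyway is either pinning this key or not verifying at all.
func IsSelfSigned(der []byte) (bool, error) {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return false, fmt.Errorf("parse certificate: %w", err)
	}
	if !bytes.Equal(cert.RawIssuer, cert.RawSubject) {
		return false, nil
	}
	// CheckSignature uses cert's own key without the CA-constraint checks that
	// CheckSignatureFrom(cert) would apply and that device certificates fail.
	return cert.CheckSignature(cert.SignatureAlgorithm, cert.RawTBSCertificate, cert.Signature) == nil, nil
}

// PeerCertificate fetches the leaf certificate a TLS server presents. Verification
// is skipped on purpose: the connection sends nothing, it only reads the chain.
func PeerCertificate(addr string) ([]byte, error) {
	conn, err := tls.Dial("tcp", addr, &tls.Config{InsecureSkipVerify: true})
	if err != nil {
		return nil, err
	}
	defer conn.Close()
	certs := conn.ConnectionState().PeerCertificates
	if len(certs) == 0 {
		return nil, fmt.Errorf("%s presented no certificate", addr)
	}
	return certs[0].Raw, nil
}

// newTemplate describes a constructed certificate; the names are not real.
func newTemplate(cn string, isCA bool) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber:          big.NewInt(time.Now().UnixNano()),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
	}
}

// issue generates a P-256 key for tmpl and has parent sign it; nil parent means self-signed.
func issue(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) ([]byte, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	return der, key, err
}

// NewSelfSignedCert is a constructed stand-in for a device certificate that
// signs itself, the condition the advisory describes.
func NewSelfSignedCert() ([]byte, error) {
	der, _, err := issue(newTemplate("whiteboard.example (constructed)", false), nil, nil)
	return der, err
}

// NewCASignedCert is a constructed leaf issued by a constructed private CA,
// the shape a client can validate once that CA is in its trust store.
func NewCASignedCert() ([]byte, error) {
	caDER, caKey, err := issue(newTemplate("Example Device CA (constructed)", true), nil, nil)
	if err != nil {
		return nil, err
	}
	ca, err := x509.ParseCertificate(caDER)
	if err != nil {
		return nil, err
	}
	der, _, err := issue(newTemplate("whiteboard.example (constructed)", false), ca, caKey)
	return der, err
}

func main() {
	der, err := NewSelfSignedCert() // live device: PeerCertificate("192.0.2.10:443")
	if err != nil {
		panic(err)
	}
	self, err := IsSelfSigned(der)
	fmt.Println("self-signed:", self, err)
}
```

`PeerCertificate` disables verification only because it reads the certificate and sends nothing; never reuse that configuration for a connection that carries data. A true result means clients have nothing to validate the device against, so the compensating control is to pin that exact certificate in every client or to replace it with one issued by a CA the clients already trust.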
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Vendor Status
| Vendor | Status | Last Update | Vendor Notes | 
|---|---|---|---|
| RICOH COMPANY, LTD. | Vulnerable | 2018/11/27 | RICOH COMPANY, LTD. website | 
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
RICOH COMPANY, LTD. reported these vulnerabilities to IPA to notify users of their solution through JVN. JPCERT/CC and RICOH COMPANY, LTD. coordinated under the Information Security Early Warning Partnership.
Other Information
| Source | Reference |
|---|---|
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE | CVE-2018-16184, CVE-2018-16185, CVE-2018-16186, CVE-2018-16187, CVE-2018-16188 |
| JVN iPedia | JVNDB-2018-000124 |
Update History
- 2018/11/27: Fixed spelling errors under "Products Affected"
- 2018/11/27: Fixed a spelling error under "Products Affected"
- 2018/11/28: Information under the section "Credit" was added
- 2018/12/07: Information under the section "Products Affected" was updated
