CVE-2022-41798

Session information easily guessable vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to log in to the product by spoofing a user with guessed session information. Affected products/versions are as follows: TASKalfa 7550ci/6550ci, TASKalfa 5550ci/4550ci/3550ci/3050ci, TASKalfa 255c/205c, TASKalfa 256ci/206ci, ECOSYS M6526cdn/M6526cidn, FS-C2126MFP/C2126MFP+/C2026MFP/C2026MFP+, TASKalfa 8000i/6500i, TASKalfa 5500i/4500i/3500i, TASKalfa 305/255, TASKalfa 306i/256i, LS-3140MFP/3140MFP+/3640MFP, ECOSYS M2535dn, LS-1135MFP/1035MFP, LS-C8650DN/C8600DN, ECOSYS P6026cdn, FS-C5250DN, LS-4300DN/4200DN/2100DN, ECOSYS P4040dn, ECOSYS P2135dn, and FS-1370DN.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_7550ci_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_7550ci:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_6550ci_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_6550ci:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_5550ci_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_5550ci:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_4550ci_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_4550ci:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_3550ci_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_3550ci:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_3050ci_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_3050ci:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_255c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_255c:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_205c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_205c:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_256ci_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_256ci:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_206ci_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_206ci:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:kyocera:ecosys_m6526cdn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ecosys_m6526cdn:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:kyocera:ecosys_m6526cidn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ecosys_m6526cidn:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:kyocera:fs-c2126mfp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:fs-c2126mfp:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:kyocera:fs-c2126mfp\+_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:fs-c2126mfp\+:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:kyocera:fs-c2026mfp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:fs-c2026mfp:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_8000i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_8000i:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_6500i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_6500i:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_5500i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_5500i:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_4500i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_4500i:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_3500i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_3500i:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_305_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_305:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_255_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_255:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_306i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_306i:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:kyocera:taskalfa_256i_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:taskalfa_256i:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:kyocera:ls-3140mfp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ls-3140mfp:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:kyocera:ls-3140mfp\+_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ls-3140mfp\+:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:kyocera:ls-3640mfp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ls-3640mfp:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:kyocera:ecosys_m2535dn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ecosys_m2535dn:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:kyocera:ls-1135mfp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ls-1135mfp:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:kyocera:ls-1035mfp_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ls-1035mfp:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:kyocera:ls-c8650dn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ls-c8650dn:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:kyocera:ls-c8600dn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ls-c8600dn:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:kyocera:ecosys_p6026cdn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ecosys_p6026cdn:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:kyocera:fs-c5250dn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:fs-c5250dn:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND
cpe:2.3:o:kyocera:ls-4300dn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ls-4300dn:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND
cpe:2.3:o:kyocera:ls-4200dn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ls-4200dn:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND
cpe:2.3:o:kyocera:ls-2100dn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ls-2100dn:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND
cpe:2.3:o:kyocera:ecosys_p4040dn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ecosys_p4040dn:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND
cpe:2.3:o:kyocera:ecosys_p2135dn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:ecosys_p2135dn:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND
cpe:2.3:o:kyocera:fs-1370dn_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kyocera:fs-1370dn:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:23

Type Values Removed Values Added
References () https://jvn.jp/en/jp/JVN46345126/index.html - Vendor Advisory () https://jvn.jp/en/jp/JVN46345126/index.html - Vendor Advisory
References () https://www.kyoceradocumentsolutions.co.jp/support/information/info_20221101.html - Mitigation, Vendor Advisory () https://www.kyoceradocumentsolutions.co.jp/support/information/info_20221101.html - Mitigation, Vendor Advisory
References () https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-11-01.html - Third Party Advisory () https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-11-01.html - Third Party Advisory

Information

Published : 2022-12-05 04:15

Updated : 2024-11-21 07:23


NVD link : CVE-2022-41798

Mitre link : CVE-2022-41798

CVE.ORG link : CVE-2022-41798


JSON object : View

Products Affected

kyocera

  • taskalfa_4500i
  • taskalfa_3550ci
  • taskalfa_256i_firmware
  • taskalfa_256ci_firmware
  • taskalfa_8000i
  • ls-4300dn
  • taskalfa_4550ci_firmware
  • ls-c8600dn_firmware
  • taskalfa_305
  • ls-c8650dn_firmware
  • ecosys_m6526cidn
  • ls-3640mfp
  • taskalfa_256ci
  • taskalfa_5500i_firmware
  • taskalfa_3050ci
  • taskalfa_3550ci_firmware
  • fs-c2026mfp_firmware
  • taskalfa_205c
  • ls-1035mfp_firmware
  • taskalfa_7550ci
  • ls-4200dn_firmware
  • taskalfa_3050ci_firmware
  • ecosys_p6026cdn_firmware
  • ls-3140mfp
  • ecosys_m2535dn
  • ecosys_p2135dn_firmware
  • taskalfa_206ci_firmware
  • fs-c2126mfp
  • ecosys_p4040dn
  • ecosys_m6526cdn
  • fs-1370dn_firmware
  • fs-c2126mfp\+
  • taskalfa_6550ci_firmware
  • fs-1370dn
  • taskalfa_3500i_firmware
  • taskalfa_3500i
  • taskalfa_305_firmware
  • ls-1035mfp
  • ls-4300dn_firmware
  • taskalfa_255c
  • ls-c8650dn
  • taskalfa_4550ci
  • ls-c8600dn
  • ecosys_p6026cdn
  • fs-c5250dn_firmware
  • taskalfa_205c_firmware
  • taskalfa_256i
  • fs-c2126mfp\+_firmware
  • ls-4200dn
  • taskalfa_7550ci_firmware
  • taskalfa_255c_firmware
  • taskalfa_6550ci
  • ls-1135mfp_firmware
  • fs-c5250dn
  • taskalfa_255_firmware
  • ecosys_p4040dn_firmware
  • taskalfa_4500i_firmware
  • taskalfa_306i
  • taskalfa_5500i
  • ls-1135mfp
  • ls-3640mfp_firmware
  • taskalfa_6500i_firmware
  • taskalfa_255
  • ls-3140mfp\+_firmware
  • taskalfa_5550ci
  • taskalfa_6500i
  • fs-c2026mfp
  • taskalfa_306i_firmware
  • ls-2100dn
  • taskalfa_8000i_firmware
  • taskalfa_206ci
  • taskalfa_5550ci_firmware
  • ls-2100dn_firmware
  • ls-3140mfp_firmware
  • fs-c2126mfp_firmware
  • ecosys_p2135dn
  • ls-3140mfp\+
  • ecosys_m2535dn_firmware
  • ecosys_m6526cidn_firmware
  • ecosys_m6526cdn_firmware
CWE
CWE-290

Authentication Bypass by Spoofing