Vulnerability Details CVE-2018-16187
The RICOH Interactive Whiteboard D2200 V1.3 to V2.2, D5500 V1.3 to V2.2, D5510 V1.3 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.3 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) does not verify its server certificates, which allows man-in-the-middle attackers to eversdrop on encrypted communication.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.9%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
Products affected by CVE-2018-16187
-
cpe:2.3:h:ricoh:d2200:-
-
cpe:2.3:h:ricoh:d5500:-
-
cpe:2.3:h:ricoh:d5510:-
-
cpe:2.3:h:ricoh:d5520:-
-
cpe:2.3:h:ricoh:d6500:-
-
cpe:2.3:h:ricoh:d6510:-
-
cpe:2.3:h:ricoh:d7500:-
-
cpe:2.3:h:ricoh:d8400:-
-
cpe:2.3:o:ricoh:d2200_firmware:1.3
-
cpe:2.3:o:ricoh:d2200_firmware:2.2
-
cpe:2.3:o:ricoh:d5500_firmware:1.3
-
cpe:2.3:o:ricoh:d5500_firmware:2.2
-
cpe:2.3:o:ricoh:d5510_firmware:1.3
-
cpe:2.3:o:ricoh:d5510_firmware:2.2
-
cpe:2.3:o:ricoh:d5520_firmware:*
-
cpe:2.3:o:ricoh:d5520_firmware:1.3
-
cpe:2.3:o:ricoh:d5520_firmware:2.2
-
cpe:2.3:o:ricoh:d6500_firmware:1.3
-
cpe:2.3:o:ricoh:d6500_firmware:2.2
-
cpe:2.3:o:ricoh:d6510_firmware:*
-
cpe:2.3:o:ricoh:d6510_firmware:1.3
-
cpe:2.3:o:ricoh:d6510_firmware:2.2
-
cpe:2.3:o:ricoh:d7500_firmware:*
-
cpe:2.3:o:ricoh:d7500_firmware:1.3
-
cpe:2.3:o:ricoh:d7500_firmware:2.2
-
cpe:2.3:o:ricoh:d8400_firmware:*
-
cpe:2.3:o:ricoh:d8400_firmware:1.3
-
cpe:2.3:o:ricoh:d8400_firmware:2.2