2026-01-09 07:15:52
jpcert
PUBLISHED
Improper authorization vulnerability exists in RICOH Streamline NX 3.5.1 to 24R3. If a man-in-the-middle attack is conducted on the communication between the affected product and its user, and some crafted request is processed by the product, the users registration information and/or OIDC (OpenID Connect) tokens may be retrieved.