CVE-2019-13205

Name of the Vulnerable Software and Affected Versions: Kyocera printers versions 2R7 2000.001.701

Description: The issue allows unauthenticated users to access all configuration parameters of certain Kyocera printers. Although this information is only presented in the menus when authenticated and the pages that load this information are protected, the files containing the configuration parameters are accessible. These files include sensitive information such as users, community strings, and other passwords configured in the printer.

Recommendations: For version 2R7 2000.001.701, restrict access to the files that contain the configuration parameters to prevent unauthenticated users from accessing sensitive information. As a temporary workaround, consider limiting access to the printer's configuration menus until a patch is available.