CVE-2022-25342

Name of the Vulnerable Software and Affected Versions Kyocera d-COLOR MF3555 version 2XD S000.002.271

Description The Web Application is affected by Broken Access Control, which does not properly validate requests for access to data and functionality under the /mngset/authset path. This allows a potential attacker to view pages that are not allowed by not verifying permissions for access to resources.

Recommendations For Kyocera d-COLOR MF3555 version 2XD S000.002.271, as a temporary workaround, consider restricting access to the /mngset/authset path until a patch is available. Avoid using this path in the Web Application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.