Authorization Bypass vulnerability
CVE-2022-1996
Last updated: 13 June 2022
We are currently in the process of investigating the impact of the Authorization Bypass Through User-Controlled Key in GitHub repository emickel/go-restful vulnerability [CVE-2022-1996] on Canon Production Printing products and services. As information comes to light, we will update this notification.
The table below gives the vulnerability status for the Canon Production Printing hardware and software products listed. Please check back regularly to be informed regarding the updated status.
Products assessed and status
Cutsheet and Toner Systems / Inkjet Sheetfed Press
| Products | Status |
| PRISMAsync print server based products | Not impacted |
| varioPRINT 140 series | Not impacted |
| varioPRINT 6000 series | Not impacted |
| varioPRINT i-series | Not impacted |
| varioPRINT iX-series | Not impacted |
| Service Control Station (SCS) for VPi300 series and VPiX series | Not impacted |
| Tablet for VPi300 series and VPiX series | Not impacted |
| PRISMAsync i300/iX Simulator | Not impacted |
| PRISMAprepare V6 | Not impacted |
| PRISMAprepare V7 | Not impacted |
| PRISMAprepare V8 | Not impacted |
| PRISMAdirect V1 | Not impacted |
| PRISMAprofiler | Under investigation |
| PRISMA Cloud PRISMA Home PRISMAprepare Go PRISMAlytics Accounting |
Under investigation |
Continuous Printing
| Products | Status |
| ColorStream 3×00ColorStream 3x00Z | Not impacted |
| ColorStream 6000 | Not impacted |
| ColorStream 8000 | Not impacted |
| ProStream 1×00 | Not impacted |
| LabelStream 4000 series | Not impacted |
| ImageStream | Not impacted |
| JetStream V1JetStream V2 | Not impacted |
| VarioStream 4000 | Not impacted |
| VarioStream 7000 series | Not impacted |
| VarioStream 8000 | Not impacted |
| PRISMAproduction Server V5 | Under investigation |
| PRISMAproduction Host | Not impacted |
| PRISMAspool | Not impacted |
| DocSetter | Not impacted |
| DPconvert | Not impacted |
| PRISMAcontrol | Under investigation |
| TrueProof | Not impacted |
Large Format Graphics
| Products | Status |
| Arizona series | Not impacted |
| Colorado series | Not impacted |
| ONYX HUB | Not impacted |
| ONYX Thrive | Not impacted |
| ONYX ProductionHouse | Not impacted |
Technical Documentation Systems
| Products | Status |
| TDS series | Not impacted |
| PlotWave series | Not impacted |
| ColorWave series | Not impacted |
| Scanner Professional | Not impacted |
| Driver Select, Driver Express, Publisher Mobile | Not impacted |
| Publisher Select | Not impacted |
| Account Console | Not impacted |
| Repro Desk | Not impacted |
Service & Support Tools
| Products | Status |
| On Remote Service | Not impacted |
| Technical Service Manual | Not impacted |
| Advisory Dashboard – Analysis & Maintenance | Not impacted |
CVE-2022-1996
