All the vulnerabilites related to hitachi - cosminexus_application_server_standard
cve-2007-5810
Vulnerability from cvelistv5
Published
2007-11-05 17:00
Modified
2024-08-07 15:47
Severity ?
EPSS score ?
Summary
Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/42026 | vdb-entry, x_refsource_OSVDB | |
| http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/27421 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2007/3666 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/26271 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:47:00.407Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42026",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42026"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html"
},
{
"name": "27421",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27421"
},
{
"name": "ADV-2007-3666",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3666"
},
{
"name": "26271",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26271"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-17T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42026",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42026"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html"
},
{
"name": "27421",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27421"
},
{
"name": "ADV-2007-3666",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3666"
},
{
"name": "26271",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26271"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42026",
"refsource": "OSVDB",
"url": "http://osvdb.org/42026"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html"
},
{
"name": "27421",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27421"
},
{
"name": "ADV-2007-3666",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3666"
},
{
"name": "26271",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26271"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5810",
"datePublished": "2007-11-05T17:00:00",
"dateReserved": "2007-11-05T00:00:00",
"dateUpdated": "2024-08-07T15:47:00.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-4564
Vulnerability from cvelistv5
Published
2007-08-28 01:00
Modified
2024-08-07 15:01
Severity ?
EPSS score ?
Summary
Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user's group permissions to logical user server processes, which allows local users to gain privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/25434 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/37855 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/26589 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/36245 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html"
},
{
"name": "25434",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25434"
},
{
"name": "37855",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37855"
},
{
"name": "26589",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26589"
},
{
"name": "cosminexus-group-security-bypass(36245)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36245"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user\u0027s group permissions to logical user server processes, which allows local users to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html"
},
{
"name": "25434",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25434"
},
{
"name": "37855",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37855"
},
{
"name": "26589",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26589"
},
{
"name": "cosminexus-group-security-bypass(36245)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36245"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4564",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user\u0027s group permissions to logical user server processes, which allows local users to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html"
},
{
"name": "25434",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25434"
},
{
"name": "37855",
"refsource": "OSVDB",
"url": "http://osvdb.org/37855"
},
{
"name": "26589",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26589"
},
{
"name": "cosminexus-group-security-bypass(36245)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36245"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4564",
"datePublished": "2007-08-28T01:00:00",
"dateReserved": "2007-08-27T00:00:00",
"dateUpdated": "2024-08-07T15:01:09.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-4563
Vulnerability from cvelistv5
Published
2007-08-28 01:00
Modified
2024-08-07 15:01
Severity ?
EPSS score ?
Summary
Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user's group permissions to logical J2EE server processes, which allows local users to gain privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/37854 | vdb-entry, x_refsource_OSVDB | |
| http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/25434 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/26589 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/36245 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.889Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "37854",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37854"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html"
},
{
"name": "25434",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25434"
},
{
"name": "26589",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26589"
},
{
"name": "cosminexus-group-security-bypass(36245)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36245"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user\u0027s group permissions to logical J2EE server processes, which allows local users to gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "37854",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37854"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html"
},
{
"name": "25434",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25434"
},
{
"name": "26589",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26589"
},
{
"name": "cosminexus-group-security-bypass(36245)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36245"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4563",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user\u0027s group permissions to logical J2EE server processes, which allows local users to gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37854",
"refsource": "OSVDB",
"url": "http://osvdb.org/37854"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html"
},
{
"name": "25434",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25434"
},
{
"name": "26589",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26589"
},
{
"name": "cosminexus-group-security-bypass(36245)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36245"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4563",
"datePublished": "2007-08-28T01:00:00",
"dateReserved": "2007-08-27T00:00:00",
"dateUpdated": "2024-08-07T15:01:09.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5809
Vulnerability from cvelistv5
Published
2007-11-05 17:00
Modified
2024-08-07 15:47
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/27421 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2007/3666 | vdb-entry, x_refsource_VUPEN | |
| http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/26271 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/42027 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:47:00.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27421",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27421"
},
{
"name": "ADV-2007-3666",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3666"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html"
},
{
"name": "26271",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26271"
},
{
"name": "42027",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42027"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-17T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27421",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27421"
},
{
"name": "ADV-2007-3666",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3666"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html"
},
{
"name": "26271",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26271"
},
{
"name": "42027",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42027"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27421",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27421"
},
{
"name": "ADV-2007-3666",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3666"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html"
},
{
"name": "26271",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26271"
},
{
"name": "42027",
"refsource": "OSVDB",
"url": "http://osvdb.org/42027"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5809",
"datePublished": "2007-11-05T17:00:00",
"dateReserved": "2007-11-05T00:00:00",
"dateUpdated": "2024-08-07T15:47:00.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2007-11-05 17:46
Modified
2024-11-21 00:38
Severity ?
Summary
Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD8C880-F11E-44A9-85F3-F0977D61C44D",
"versionEndIncluding": "06_51_j",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:*:*:*:*:*:*:*:*",
"matchCriteriaId": "649ED27D-43A3-45B6-B33E-3052C927ADA7",
"versionEndIncluding": "06_51_j",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer_light_version_6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7773DA4-2ED1-46AA-95A2-422DC978838F",
"versionEndIncluding": "06_51_j",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer_professional_version_6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F74FD551-8D2D-4D3D-B1D5-4B0EF5640F6D",
"versionEndIncluding": "06_51_j",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer_standard_version_6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A47159F-991A-447B-A5E1-C4ED4E52ADBC",
"versionEndIncluding": "06_51_j",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22962B86-F12E-4290-B748-9FF12DE4A572",
"versionEndIncluding": "04_01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F061CA-E6D6-4E0C-9AA0-3FE18A499D95",
"versionEndIncluding": "07_50_01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF9B6262-4F8B-45DA-A153-E54423CD8B16",
"versionEndIncluding": "07_50_01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_light:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99EDC467-EAE5-4BD6-BAB7-944DF890A685",
"versionEndIncluding": "06_71_d",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_professional:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9FE1C85-1D57-4ED3-94FA-BCBAF9A2BD53",
"versionEndIncluding": "07_50_01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_standard:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5FC2D16-9EBB-4D18-AA2A-6C8D1788D60F",
"versionEndIncluding": "07_50_01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_architect:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52475B65-FCC2-418D-9842-BD6197367F5B",
"versionEndIncluding": "07_50_01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67D3AEC5-63FA-4457-9EE4-CE5A2B55B687",
"versionEndIncluding": "07_50_01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_00:*:hpux:*:*:*:*:*",
"matchCriteriaId": "1A0EB6CA-C6BF-4316-9C87-DC6177C54112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_00:*:solaris:*:*:*:*:*",
"matchCriteriaId": "7839481D-92D1-4252-916B-D5BF0C817B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_01:*:aix:*:*:*:*:*",
"matchCriteriaId": "DCBE68C6-A9FF-4783-A554-0F2E79B77D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_01:*:linux:*:*:*:*:*",
"matchCriteriaId": "BA1B4996-9789-4E7B-B89C-30719D4CEF0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_01:*:turbolinux:*:*:*:*:*",
"matchCriteriaId": "ACDA910D-7CA8-4B21-9992-C766277598FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_01_d:*:linux:*:*:*:*:*",
"matchCriteriaId": "916B1226-DB50-4C23-BFFE-B61983B20A1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_02_d:*:hpux:*:*:*:*:*",
"matchCriteriaId": "F6BC26AD-3B1F-449A-81C6-8C363620033E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_02_d:*:solaris:*:*:*:*:*",
"matchCriteriaId": "768DC203-A5EE-471F-8290-74877E0F2EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_02_e:*:aix:*:*:*:*:*",
"matchCriteriaId": "2A316667-A7C3-48FD-8DDD-3A1B79D5695F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_00:*:aix:*:*:*:*:*",
"matchCriteriaId": "F0EB32A1-4032-4ECA-A02B-B2BC2A03E93C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_00:*:hpux:*:*:*:*:*",
"matchCriteriaId": "24BFFB81-904A-4C48-9015-2DCF9F7F4CAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_00:*:linux:*:*:*:*:*",
"matchCriteriaId": "200A370A-FBCE-412C-B01A-5E79DE317134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_00:*:solaris:*:*:*:*:*",
"matchCriteriaId": "EEDEA46C-003C-4A71-8BBC-4214B5D7C84C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_00:*:turbolinux:*:*:*:*:*",
"matchCriteriaId": "CA4D9A0F-21D2-45E8-BC90-BFABDCC1119C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_00:*:windows:*:*:*:*:*",
"matchCriteriaId": "62E9F68B-6A10-430F-BB15-DE9F354053BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_00_a:*:linux:*:*:*:*:*",
"matchCriteriaId": "A2306B1F-810D-4188-BEE3-F49925B5BA8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_02:*:hpux:*:*:*:*:*",
"matchCriteriaId": "D2AA434B-FCDE-4143-A4CA-85DC65F1351B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_02:*:hpux\\(ipf\\):*:*:*:*:*",
"matchCriteriaId": "498D35C5-D720-4540-87C1-6B5A89C9007F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_02:*:linux:*:*:*:*:*",
"matchCriteriaId": "5B8B0A25-B6D1-4CDF-A797-359C94DC8BC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_04_b:*:aix:*:*:*:*:*",
"matchCriteriaId": "4FBD5964-A65F-468E-98AF-6CBBF0EA6926",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_04_b:*:hpux:*:*:*:*:*",
"matchCriteriaId": "F8C06DC9-FE19-4BEA-9FB8-F892C0668087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_04_b:*:hpux\\(ipf\\):*:*:*:*:*",
"matchCriteriaId": "1E64D786-872A-4FB8-ABE8-B6B0EA4AF34D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_04_b:*:solaris:*:*:*:*:*",
"matchCriteriaId": "4DAB1871-2653-4F96-A65F-F0FD7719BC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_04_b:*:windows:*:*:*:*:*",
"matchCriteriaId": "86C196C5-C8EC-4037-A440-36DAF363DD92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_06_a:*:linux:*:*:*:*:*",
"matchCriteriaId": "EBCA3085-482D-4F5A-8E27-FC68CCEF6617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:03_00:*:aix:*:*:*:*:*",
"matchCriteriaId": "3F398CED-1BA2-475A-94A3-8E4E6C2C585C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:03_00:*:hpux\\(ipf\\):*:*:*:*:*",
"matchCriteriaId": "1B69F829-530D-4E51-98F0-CC3DD1109801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:03_00:*:linux:*:*:*:*:*",
"matchCriteriaId": "BE03563A-F44C-4618-B9C7-0367213A966D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:03_00:*:windows:*:*:*:*:*",
"matchCriteriaId": "57D1E42B-8544-4F05-97E9-43F980F0F3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:03_00_01:*:solaris:*:*:*:*:*",
"matchCriteriaId": "F9466DD3-C33E-4C36-B527-2D709629BFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:03_00_01:*:windows:*:*:*:*:*",
"matchCriteriaId": "FC35FB0E-0355-4F64-934B-CA2ECB0084B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature."
},
{
"lang": "es",
"value": "Hitachi Web Server 01-00 hasta 03-00-01, tal y como se usa en determinados productos Cosminexus, no valida apropiadamente certificados SSL cliente, lo cual podr\u00eda permitir a atacantes remotos suplantar autenticaci\u00f3n mediante un certificado cliente con una firma falsificada."
}
],
"id": "CVE-2007-5810",
"lastModified": "2024-11-21T00:38:44.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-11-05T17:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/42026"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27421"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26271"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3666"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/42026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27421"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26271"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3666"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-11-05 17:46
Modified
2024-11-21 00:38
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD8C880-F11E-44A9-85F3-F0977D61C44D",
"versionEndIncluding": "06_51_j",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:*:*:*:*:*:*:*:*",
"matchCriteriaId": "649ED27D-43A3-45B6-B33E-3052C927ADA7",
"versionEndIncluding": "06_51_j",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer_light_version_6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7773DA4-2ED1-46AA-95A2-422DC978838F",
"versionEndIncluding": "06_51_j",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer_professional_version_6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F74FD551-8D2D-4D3D-B1D5-4B0EF5640F6D",
"versionEndIncluding": "06_51_j",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer_standard_version_6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A47159F-991A-447B-A5E1-C4ED4E52ADBC",
"versionEndIncluding": "06_51_j",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22962B86-F12E-4290-B748-9FF12DE4A572",
"versionEndIncluding": "04_01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F061CA-E6D6-4E0C-9AA0-3FE18A499D95",
"versionEndIncluding": "07_50_01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF9B6262-4F8B-45DA-A153-E54423CD8B16",
"versionEndIncluding": "07_50_01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_light:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99EDC467-EAE5-4BD6-BAB7-944DF890A685",
"versionEndIncluding": "06_71_d",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_professional:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9FE1C85-1D57-4ED3-94FA-BCBAF9A2BD53",
"versionEndIncluding": "07_50_01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_standard:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5FC2D16-9EBB-4D18-AA2A-6C8D1788D60F",
"versionEndIncluding": "07_50_01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_architect:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52475B65-FCC2-418D-9842-BD6197367F5B",
"versionEndIncluding": "07_50_01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67D3AEC5-63FA-4457-9EE4-CE5A2B55B687",
"versionEndIncluding": "07_50_01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_00:*:hpux:*:*:*:*:*",
"matchCriteriaId": "1A0EB6CA-C6BF-4316-9C87-DC6177C54112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_00:*:solaris:*:*:*:*:*",
"matchCriteriaId": "7839481D-92D1-4252-916B-D5BF0C817B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_01:*:aix:*:*:*:*:*",
"matchCriteriaId": "DCBE68C6-A9FF-4783-A554-0F2E79B77D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_01:*:linux:*:*:*:*:*",
"matchCriteriaId": "BA1B4996-9789-4E7B-B89C-30719D4CEF0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_01:*:turbolinux:*:*:*:*:*",
"matchCriteriaId": "ACDA910D-7CA8-4B21-9992-C766277598FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_01_d:*:linux:*:*:*:*:*",
"matchCriteriaId": "916B1226-DB50-4C23-BFFE-B61983B20A1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_02_d:*:hpux:*:*:*:*:*",
"matchCriteriaId": "F6BC26AD-3B1F-449A-81C6-8C363620033E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_02_d:*:solaris:*:*:*:*:*",
"matchCriteriaId": "768DC203-A5EE-471F-8290-74877E0F2EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:01_02_e:*:aix:*:*:*:*:*",
"matchCriteriaId": "2A316667-A7C3-48FD-8DDD-3A1B79D5695F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_00:*:aix:*:*:*:*:*",
"matchCriteriaId": "F0EB32A1-4032-4ECA-A02B-B2BC2A03E93C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_00:*:hpux:*:*:*:*:*",
"matchCriteriaId": "24BFFB81-904A-4C48-9015-2DCF9F7F4CAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_00:*:linux:*:*:*:*:*",
"matchCriteriaId": "200A370A-FBCE-412C-B01A-5E79DE317134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_00:*:solaris:*:*:*:*:*",
"matchCriteriaId": "EEDEA46C-003C-4A71-8BBC-4214B5D7C84C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_00:*:turbolinux:*:*:*:*:*",
"matchCriteriaId": "CA4D9A0F-21D2-45E8-BC90-BFABDCC1119C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_00:*:windows:*:*:*:*:*",
"matchCriteriaId": "62E9F68B-6A10-430F-BB15-DE9F354053BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_00_a:*:linux:*:*:*:*:*",
"matchCriteriaId": "A2306B1F-810D-4188-BEE3-F49925B5BA8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_02:*:hpux:*:*:*:*:*",
"matchCriteriaId": "D2AA434B-FCDE-4143-A4CA-85DC65F1351B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_02:*:hpux\\(ipf\\):*:*:*:*:*",
"matchCriteriaId": "498D35C5-D720-4540-87C1-6B5A89C9007F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_02:*:linux:*:*:*:*:*",
"matchCriteriaId": "5B8B0A25-B6D1-4CDF-A797-359C94DC8BC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_04_b:*:aix:*:*:*:*:*",
"matchCriteriaId": "4FBD5964-A65F-468E-98AF-6CBBF0EA6926",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_04_b:*:hpux:*:*:*:*:*",
"matchCriteriaId": "F8C06DC9-FE19-4BEA-9FB8-F892C0668087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_04_b:*:hpux\\(ipf\\):*:*:*:*:*",
"matchCriteriaId": "1E64D786-872A-4FB8-ABE8-B6B0EA4AF34D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_04_b:*:solaris:*:*:*:*:*",
"matchCriteriaId": "4DAB1871-2653-4F96-A65F-F0FD7719BC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_04_b:*:windows:*:*:*:*:*",
"matchCriteriaId": "86C196C5-C8EC-4037-A440-36DAF363DD92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:02_06_a:*:linux:*:*:*:*:*",
"matchCriteriaId": "EBCA3085-482D-4F5A-8E27-FC68CCEF6617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:03_00:*:aix:*:*:*:*:*",
"matchCriteriaId": "3F398CED-1BA2-475A-94A3-8E4E6C2C585C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:03_00:*:hpux\\(ipf\\):*:*:*:*:*",
"matchCriteriaId": "1B69F829-530D-4E51-98F0-CC3DD1109801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:03_00:*:linux:*:*:*:*:*",
"matchCriteriaId": "BE03563A-F44C-4618-B9C7-0367213A966D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:03_00:*:windows:*:*:*:*:*",
"matchCriteriaId": "57D1E42B-8544-4F05-97E9-43F980F0F3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:03_00_01:*:solaris:*:*:*:*:*",
"matchCriteriaId": "F9466DD3-C33E-4C36-B527-2D709629BFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:web_server:03_00_01:*:windows:*:*:*:*:*",
"matchCriteriaId": "FC35FB0E-0355-4F64-934B-CA2ECB0084B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Hitachi Web Server 01-00 hasta 03-10, tal y como se usa en determinados productos Cosminexus, permite a atacantes remotos inyectar scripts web o HTML de su elecci\u00f3n mediante peticiones HTTP no especificadas que disparan la creaci\u00f3n de una p\u00e1gina estado-de-servidor."
}
],
"id": "CVE-2007-5809",
"lastModified": "2024-11-21T00:38:44.750",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-11-05T17:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/42027"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27421"
},
{
"source": "cve@mitre.org",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26271"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3666"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/42027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27421"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26271"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3666"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-28 01:17
Modified
2024-11-21 00:35
Severity ?
Summary
Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user's group permissions to logical J2EE server processes, which allows local users to gain privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:aix:*:*:*:*:*",
"matchCriteriaId": "F7AA2F96-CF8B-47ED-87EA-75DF8D90E3AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:hpux:*:*:*:*:*",
"matchCriteriaId": "236D9E91-37DE-4D43-90A4-765800D76DBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:linux:*:*:*:*:*",
"matchCriteriaId": "49F54B21-D9CF-41B7-88F9-C70261925B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "5D1C24CE-3B20-44B5-BE21-2FAD1CCC9EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:solaris:*:*:*:*:*",
"matchCriteriaId": "C9A0DB59-010E-4945-A6B1-694269838299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_b:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "90219723-B2D7-4E35-94E0-B12FF452AA99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_c:*:linux:*:*:*:*:*",
"matchCriteriaId": "BE770156-FDF2-4818-A7F8-9062D7132CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_c_1:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "74E73757-B69E-461D-B0BC-06FA6D321E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_c_1:*:solaris:*:*:*:*:*",
"matchCriteriaId": "13E1CC0C-4322-4F78-B24D-638AF7D7CD70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_e_1:*:hpux:*:*:*:*:*",
"matchCriteriaId": "662B20FF-8BB3-431E-A1DD-251A587B399E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_f:*:aix:*:*:*:*:*",
"matchCriteriaId": "995EA2B9-DC6E-4393-BAFC-9A5550DE653A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_51:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "8C494CF0-A0AF-4435-B273-0A0754985640",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_51_b_1:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "2B4131DA-3B12-459E-AE98-978FB496270C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_51_c:*:linux:*:*:*:*:*",
"matchCriteriaId": "1A137E25-6B8A-4861-8DEA-F19DCBDFD955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50:*:aix:*:*:*:*:*",
"matchCriteriaId": "6F823A2E-4D86-4C9B-ABDA-252B72FA0113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50:*:hpux:*:*:*:*:*",
"matchCriteriaId": "F4511C24-ADD2-4DB6-A21C-25AEE1BCD9E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "FA466BD3-AD09-44FB-99AE-4D5F883C32F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50:*:linux:*:*:*:*:*",
"matchCriteriaId": "D4BEEF1B-27CE-476C-BDF7-1922D94D8BF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "AE9F2873-D1B8-40C5-BBE7-85D8875FAABD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_b:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "79422655-ECE2-41DD-8319-747B0DDF22CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_c:*:linux:*:*:*:*:*",
"matchCriteriaId": "E5D936F5-A4BA-4303-8185-0E3B9DD21E98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_c_1:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "8D272DC2-7A28-478D-B6F2-B0A6825A4E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_c_1:*:solaris:*:*:*:*:*",
"matchCriteriaId": "1AE1BC52-7D66-4156-A965-3392D0F25F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_e_1:*:hpux:*:*:*:*:*",
"matchCriteriaId": "58D341DC-1558-42AD-A328-6ABE3DD4142E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_f:*:aix:*:*:*:*:*",
"matchCriteriaId": "3BAB8404-E909-4DDD-9D1E-145FCDAB9C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_51:*:linux:*:*:*:*:*",
"matchCriteriaId": "456D38AB-D5B4-47C4-AA93-B82CD97CEBAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_51:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "A5A2201A-F2EF-4324-9D48-D11908E12261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_51_b_1:*:linux:*:*:*:*:*",
"matchCriteriaId": "310697C7-2238-492A-BAD5-D9F7C3A568F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_51_c:*:linux:*:*:*:*:*",
"matchCriteriaId": "A5B8211D-EA3C-49BA-A37B-A6BFBBA00F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:electronic_form_workflow_-_standard_set:07_00:*:linux:*:*:*:*:*",
"matchCriteriaId": "7E107823-9EF7-4716-9C75-1BB0E3432CA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:electronic_form_workflow_-_standard_set:07_00_b:*:linux:*:*:*:*:*",
"matchCriteriaId": "226CB6F1-1E01-40E5-97D9-5FD93EF74B94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:electronic_form_workflow_-professional_library_set:07_00:*:linux:*:*:*:*:*",
"matchCriteriaId": "1D153999-0B49-4C8F-B949-3FDBCD67906C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:electronic_form_workflow_-professional_library_set:07_00_b:*:linux:*:*:*:*:*",
"matchCriteriaId": "455233D1-131E-4384-857C-8165974DCA48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70:*:aix:*:*:*:*:*",
"matchCriteriaId": "18967E4A-3D79-49AD-97B1-EB4328949729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70:*:solaris:*:*:*:*:*",
"matchCriteriaId": "7E7A6668-41D5-4AF3-9A20-EEC00781F68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_a:*:aix:*:*:*:*:*",
"matchCriteriaId": "D9DFC8FF-7618-42A6-A8DB-4D7A75DE5C3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_a:*:solaris:*:*:*:*:*",
"matchCriteriaId": "6E676236-8986-45F8-B720-84A5156B6DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_b:*:aix:*:*:*:*:*",
"matchCriteriaId": "43BA2D74-289E-4201-8F4B-78E8E64CA358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_b:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "51A48F4D-6E53-4CD0-BEBA-8882393A7A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_b:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "B55FE085-3CCD-4DF9-A2BD-F22FC4EF940A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_b:*:solaris:*:*:*:*:*",
"matchCriteriaId": "2D3E1E8D-D75F-49AB-B086-58EF334A084F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_b_1:*:linux:*:*:*:*:*",
"matchCriteriaId": "982584F4-A3EA-4B71-B084-8A80927092CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_d:*:aix:*:*:*:*:*",
"matchCriteriaId": "F60ED027-FD72-47F8-9230-DAEF1B218B1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_g:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "6B7B56A8-E705-4B9D-8763-EF281F875802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_71:*:linux:*:*:*:*:*",
"matchCriteriaId": "D4B082D2-0E8C-4442-9E92-7867C0D3F1CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_71_b:*:hpux:*:*:*:*:*",
"matchCriteriaId": "7B06B22B-5DE0-4AD3-9056-80FE5D02EC13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_71_b:*:linux:*:*:*:*:*",
"matchCriteriaId": "19B0E862-F36A-4419-B8AC-BB3B0B28A3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_71_c:*:solaris:*:*:*:*:*",
"matchCriteriaId": "B7E09F38-1B66-404B-9E22-A1B2D1464AE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_72_1:*:hpux:*:*:*:*:*",
"matchCriteriaId": "26D40FE4-7956-4D87-9DA2-99E6F62B6525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_72_b:*:linux:*:*:*:*:*",
"matchCriteriaId": "F16F6336-42F5-4941-B700-73DAEDE83E7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_72_b:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "191D1364-D6F1-4778-B765-7AF0D18439BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_72_g:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "D363EB0D-F881-45ED-A3E0-1148BC648889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07-00-01:*:linux:*:*:*:*:*",
"matchCriteriaId": "45A8B520-1678-47D2-8D1B-AB6BA818DBE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:aix:*:*:*:*:*",
"matchCriteriaId": "F6FE70C8-749C-40A0-B087-14FDB6097CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "2FE5D346-61E9-489B-9529-AA559E111DCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:linux:*:*:*:*:*",
"matchCriteriaId": "E0E60F8E-0116-4215-8E52-1A663ECB834B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:solaris:*:*:*:*:*",
"matchCriteriaId": "4FAC97A3-04E7-425C-AD8F-B75838E975FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00_12:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "A5934C16-A21C-4275-89CA-B1287F8BAFE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:aix:*:*:*:*:*",
"matchCriteriaId": "48E93BDB-BB6D-4D1C-B3DD-3518E045F753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:hpux:*:*:*:*:*",
"matchCriteriaId": "82648C13-1D91-4C4C-A17B-64BCC5A24147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "12382EE9-4D34-4724-9023-5F6C48944F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:linux:*:*:*:*:*",
"matchCriteriaId": "8453ECF8-9419-4AD3-9541-B362FA58E4E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "B0316DD8-E2EB-4953-96BC-894B87D6C815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10_1:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "01D417A7-FB2E-4813-AEF3-9F136AB8106B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10_06:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "ED59C48E-BA08-4E29-BB01-9F22CC20D7C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10_08:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "FE697045-8D42-43E0-8C98-7961E21E2B32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70:*:solaris:*:*:*:*:*",
"matchCriteriaId": "673C833D-A7F8-4941-B7F9-AC17E67FB717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_a:*:aix:*:*:*:*:*",
"matchCriteriaId": "E9E62188-DCA4-4749-A451-9A12E9F53B5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_a:*:solaris:*:*:*:*:*",
"matchCriteriaId": "569AC136-11EE-47A6-8150-F983768AE58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_b:*:aix:*:*:*:*:*",
"matchCriteriaId": "65CA666D-E597-45C2-9DBF-DD728B5480AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_b:*:hpux:*:*:*:*:*",
"matchCriteriaId": "5DEB6A9B-A029-4F70-95E7-16DD33D736E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_b:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "5F8C5DC3-CF27-4AED-B97B-03DFCD743746",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_b:*:solaris:*:*:*:*:*",
"matchCriteriaId": "39E1498C-6267-4266-B7E6-A1E70CF25A03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_b_1:*:linux:*:*:*:*:*",
"matchCriteriaId": "CAA364D2-B6AB-4BEE-BBC6-D9C9BED57CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_c:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A68736B4-66E3-45E4-9B3A-222E0F4463BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_d:*:aix:*:*:*:*:*",
"matchCriteriaId": "A62CCAA4-8156-4E05-8A96-81558F478C59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_71:*:linux:*:*:*:*:*",
"matchCriteriaId": "45D28BE6-DA8F-433B-84FA-35965A7C02A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_71_b:*:linux:*:*:*:*:*",
"matchCriteriaId": "D0DF3D57-8E23-4293-883A-BDF555CA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_72_1:*:hpux:*:*:*:*:*",
"matchCriteriaId": "8C8743DB-CCA4-4519-847E-7FDA353026F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_72_b_1:*:linux:*:*:*:*:*",
"matchCriteriaId": "9BBE9283-5E06-4F2E-AA14-4B536C20AC61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_72_c:*:solaris:*:*:*:*:*",
"matchCriteriaId": "386B6C72-C5EF-47A0-B6F5-E0B50C042FEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_72_d:*:aix:*:*:*:*:*",
"matchCriteriaId": "13509F94-3953-4E87-BBB5-02FA5EACC024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_72_g:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "B4B51A86-7C91-454D-8A71-6E652ACE948C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:aix:*:*:*:*:*",
"matchCriteriaId": "1F7055A9-7A8A-4EB0-B202-220825B3FBEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "4919D1DA-37C9-4C18-8F5B-C0BC6F6915D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:linux:*:*:*:*:*",
"matchCriteriaId": "20ED59C6-CD06-4FE1-A484-A7E642F33AFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:solaris:*:*:*:*:*",
"matchCriteriaId": "58266C54-32FE-4E5D-94A8-4291A87208EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00_1:*:linux:*:*:*:*:*",
"matchCriteriaId": "725FA408-39B0-4A14-946C-6BDAB6E0FE4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:hpux:*:*:*:*:*",
"matchCriteriaId": "930CA326-7B3E-4C46-8DD1-CB17CD0CC5FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "6511A0F9-6B01-49E1-8693-B6EC044DDB3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:linux:*:*:*:*:*",
"matchCriteriaId": "0E5A504F-C4B1-44EC-A7AC-8690CF925B0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "84BE463B-0A3E-477C-B912-966625887D65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00:*:linux:*:*:*:*:*",
"matchCriteriaId": "0CADDEE7-D529-4644-9A5F-6235AD072CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10:*:aix:*:*:*:*:*",
"matchCriteriaId": "1D1DAE56-DEA3-45C3-AFD7-1C40F6C62CA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10:*:linux:*:*:*:*:*",
"matchCriteriaId": "CED6A3B7-F58D-47BE-81DB-59AC0DFC7F41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user\u0027s group permissions to logical J2EE server processes, which allows local users to gain privileges."
},
{
"lang": "es",
"value": "Cosminexus Manager en Cosminexus Application Server 06-50 y posteriores podr\u00edan asignar los permisos de grupos de usuario erroneamente a los procesos del servidor l\u00f3gico J2EE, el cual permite a usuarios locales ganar privilegios."
}
],
"id": "CVE-2007-4563",
"lastModified": "2024-11-21T00:35:54.013",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-28T01:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37854"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26589"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25434"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26589"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36245"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-28 01:17
Modified
2024-11-21 00:35
Severity ?
Summary
Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user's group permissions to logical user server processes, which allows local users to gain privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:aix:*:*:*:*:*",
"matchCriteriaId": "F7AA2F96-CF8B-47ED-87EA-75DF8D90E3AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:hpux:*:*:*:*:*",
"matchCriteriaId": "236D9E91-37DE-4D43-90A4-765800D76DBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:linux:*:*:*:*:*",
"matchCriteriaId": "49F54B21-D9CF-41B7-88F9-C70261925B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "5D1C24CE-3B20-44B5-BE21-2FAD1CCC9EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:solaris:*:*:*:*:*",
"matchCriteriaId": "C9A0DB59-010E-4945-A6B1-694269838299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_b:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "90219723-B2D7-4E35-94E0-B12FF452AA99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_c:*:linux:*:*:*:*:*",
"matchCriteriaId": "BE770156-FDF2-4818-A7F8-9062D7132CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_c_1:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "74E73757-B69E-461D-B0BC-06FA6D321E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_c_1:*:solaris:*:*:*:*:*",
"matchCriteriaId": "13E1CC0C-4322-4F78-B24D-638AF7D7CD70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_e_1:*:hpux:*:*:*:*:*",
"matchCriteriaId": "662B20FF-8BB3-431E-A1DD-251A587B399E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_f:*:aix:*:*:*:*:*",
"matchCriteriaId": "995EA2B9-DC6E-4393-BAFC-9A5550DE653A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_51:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "8C494CF0-A0AF-4435-B273-0A0754985640",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_51_b_1:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "2B4131DA-3B12-459E-AE98-978FB496270C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_51_c:*:linux:*:*:*:*:*",
"matchCriteriaId": "1A137E25-6B8A-4861-8DEA-F19DCBDFD955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50:*:aix:*:*:*:*:*",
"matchCriteriaId": "6F823A2E-4D86-4C9B-ABDA-252B72FA0113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50:*:hpux:*:*:*:*:*",
"matchCriteriaId": "F4511C24-ADD2-4DB6-A21C-25AEE1BCD9E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "FA466BD3-AD09-44FB-99AE-4D5F883C32F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50:*:linux:*:*:*:*:*",
"matchCriteriaId": "D4BEEF1B-27CE-476C-BDF7-1922D94D8BF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "AE9F2873-D1B8-40C5-BBE7-85D8875FAABD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_b:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "79422655-ECE2-41DD-8319-747B0DDF22CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_c:*:linux:*:*:*:*:*",
"matchCriteriaId": "E5D936F5-A4BA-4303-8185-0E3B9DD21E98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_c_1:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "8D272DC2-7A28-478D-B6F2-B0A6825A4E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_c_1:*:solaris:*:*:*:*:*",
"matchCriteriaId": "1AE1BC52-7D66-4156-A965-3392D0F25F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_e_1:*:hpux:*:*:*:*:*",
"matchCriteriaId": "58D341DC-1558-42AD-A328-6ABE3DD4142E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_f:*:aix:*:*:*:*:*",
"matchCriteriaId": "3BAB8404-E909-4DDD-9D1E-145FCDAB9C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_51:*:linux:*:*:*:*:*",
"matchCriteriaId": "456D38AB-D5B4-47C4-AA93-B82CD97CEBAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_51:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "A5A2201A-F2EF-4324-9D48-D11908E12261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_51_b_1:*:linux:*:*:*:*:*",
"matchCriteriaId": "310697C7-2238-492A-BAD5-D9F7C3A568F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_51_c:*:linux:*:*:*:*:*",
"matchCriteriaId": "A5B8211D-EA3C-49BA-A37B-A6BFBBA00F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:electronic_form_workflow_-_standard_set:07_00:*:linux:*:*:*:*:*",
"matchCriteriaId": "7E107823-9EF7-4716-9C75-1BB0E3432CA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:electronic_form_workflow_-_standard_set:07_00_b:*:linux:*:*:*:*:*",
"matchCriteriaId": "226CB6F1-1E01-40E5-97D9-5FD93EF74B94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:electronic_form_workflow_-professional_library_set:07_00:*:linux:*:*:*:*:*",
"matchCriteriaId": "1D153999-0B49-4C8F-B949-3FDBCD67906C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:electronic_form_workflow_-professional_library_set:07_00_b:*:linux:*:*:*:*:*",
"matchCriteriaId": "455233D1-131E-4384-857C-8165974DCA48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70:*:aix:*:*:*:*:*",
"matchCriteriaId": "18967E4A-3D79-49AD-97B1-EB4328949729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70:*:solaris:*:*:*:*:*",
"matchCriteriaId": "7E7A6668-41D5-4AF3-9A20-EEC00781F68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_a:*:aix:*:*:*:*:*",
"matchCriteriaId": "D9DFC8FF-7618-42A6-A8DB-4D7A75DE5C3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_a:*:solaris:*:*:*:*:*",
"matchCriteriaId": "6E676236-8986-45F8-B720-84A5156B6DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_b:*:aix:*:*:*:*:*",
"matchCriteriaId": "43BA2D74-289E-4201-8F4B-78E8E64CA358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_b:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "51A48F4D-6E53-4CD0-BEBA-8882393A7A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_b:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "B55FE085-3CCD-4DF9-A2BD-F22FC4EF940A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_b:*:solaris:*:*:*:*:*",
"matchCriteriaId": "2D3E1E8D-D75F-49AB-B086-58EF334A084F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_b_1:*:linux:*:*:*:*:*",
"matchCriteriaId": "982584F4-A3EA-4B71-B084-8A80927092CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_d:*:aix:*:*:*:*:*",
"matchCriteriaId": "F60ED027-FD72-47F8-9230-DAEF1B218B1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_g:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "6B7B56A8-E705-4B9D-8763-EF281F875802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_71:*:linux:*:*:*:*:*",
"matchCriteriaId": "D4B082D2-0E8C-4442-9E92-7867C0D3F1CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_71_b:*:hpux:*:*:*:*:*",
"matchCriteriaId": "7B06B22B-5DE0-4AD3-9056-80FE5D02EC13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_71_b:*:linux:*:*:*:*:*",
"matchCriteriaId": "19B0E862-F36A-4419-B8AC-BB3B0B28A3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_71_c:*:solaris:*:*:*:*:*",
"matchCriteriaId": "B7E09F38-1B66-404B-9E22-A1B2D1464AE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_72_1:*:hpux:*:*:*:*:*",
"matchCriteriaId": "26D40FE4-7956-4D87-9DA2-99E6F62B6525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_72_b:*:linux:*:*:*:*:*",
"matchCriteriaId": "F16F6336-42F5-4941-B700-73DAEDE83E7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_72_b:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "191D1364-D6F1-4778-B765-7AF0D18439BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_72_g:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "D363EB0D-F881-45ED-A3E0-1148BC648889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07-00-01:*:linux:*:*:*:*:*",
"matchCriteriaId": "45A8B520-1678-47D2-8D1B-AB6BA818DBE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:aix:*:*:*:*:*",
"matchCriteriaId": "F6FE70C8-749C-40A0-B087-14FDB6097CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "2FE5D346-61E9-489B-9529-AA559E111DCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:linux:*:*:*:*:*",
"matchCriteriaId": "E0E60F8E-0116-4215-8E52-1A663ECB834B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:solaris:*:*:*:*:*",
"matchCriteriaId": "4FAC97A3-04E7-425C-AD8F-B75838E975FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00_12:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "A5934C16-A21C-4275-89CA-B1287F8BAFE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:aix:*:*:*:*:*",
"matchCriteriaId": "48E93BDB-BB6D-4D1C-B3DD-3518E045F753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:hpux:*:*:*:*:*",
"matchCriteriaId": "82648C13-1D91-4C4C-A17B-64BCC5A24147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "12382EE9-4D34-4724-9023-5F6C48944F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:linux:*:*:*:*:*",
"matchCriteriaId": "8453ECF8-9419-4AD3-9541-B362FA58E4E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "B0316DD8-E2EB-4953-96BC-894B87D6C815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10_1:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "01D417A7-FB2E-4813-AEF3-9F136AB8106B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10_06:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "ED59C48E-BA08-4E29-BB01-9F22CC20D7C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10_08:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "FE697045-8D42-43E0-8C98-7961E21E2B32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70:*:solaris:*:*:*:*:*",
"matchCriteriaId": "673C833D-A7F8-4941-B7F9-AC17E67FB717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_a:*:aix:*:*:*:*:*",
"matchCriteriaId": "E9E62188-DCA4-4749-A451-9A12E9F53B5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_a:*:solaris:*:*:*:*:*",
"matchCriteriaId": "569AC136-11EE-47A6-8150-F983768AE58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_b:*:aix:*:*:*:*:*",
"matchCriteriaId": "65CA666D-E597-45C2-9DBF-DD728B5480AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_b:*:hpux:*:*:*:*:*",
"matchCriteriaId": "5DEB6A9B-A029-4F70-95E7-16DD33D736E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_b:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "5F8C5DC3-CF27-4AED-B97B-03DFCD743746",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_b:*:solaris:*:*:*:*:*",
"matchCriteriaId": "39E1498C-6267-4266-B7E6-A1E70CF25A03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_b_1:*:linux:*:*:*:*:*",
"matchCriteriaId": "CAA364D2-B6AB-4BEE-BBC6-D9C9BED57CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_c:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A68736B4-66E3-45E4-9B3A-222E0F4463BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_d:*:aix:*:*:*:*:*",
"matchCriteriaId": "A62CCAA4-8156-4E05-8A96-81558F478C59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_71:*:linux:*:*:*:*:*",
"matchCriteriaId": "45D28BE6-DA8F-433B-84FA-35965A7C02A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_71_b:*:linux:*:*:*:*:*",
"matchCriteriaId": "D0DF3D57-8E23-4293-883A-BDF555CA7048",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_72_1:*:hpux:*:*:*:*:*",
"matchCriteriaId": "8C8743DB-CCA4-4519-847E-7FDA353026F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_72_b_1:*:linux:*:*:*:*:*",
"matchCriteriaId": "9BBE9283-5E06-4F2E-AA14-4B536C20AC61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_72_c:*:solaris:*:*:*:*:*",
"matchCriteriaId": "386B6C72-C5EF-47A0-B6F5-E0B50C042FEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_72_d:*:aix:*:*:*:*:*",
"matchCriteriaId": "13509F94-3953-4E87-BBB5-02FA5EACC024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_72_g:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "B4B51A86-7C91-454D-8A71-6E652ACE948C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:aix:*:*:*:*:*",
"matchCriteriaId": "1F7055A9-7A8A-4EB0-B202-220825B3FBEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "4919D1DA-37C9-4C18-8F5B-C0BC6F6915D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:linux:*:*:*:*:*",
"matchCriteriaId": "20ED59C6-CD06-4FE1-A484-A7E642F33AFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:solaris:*:*:*:*:*",
"matchCriteriaId": "58266C54-32FE-4E5D-94A8-4291A87208EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00_1:*:linux:*:*:*:*:*",
"matchCriteriaId": "725FA408-39B0-4A14-946C-6BDAB6E0FE4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:hpux:*:*:*:*:*",
"matchCriteriaId": "930CA326-7B3E-4C46-8DD1-CB17CD0CC5FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:hpux_ipf:*:*:*:*:*",
"matchCriteriaId": "6511A0F9-6B01-49E1-8693-B6EC044DDB3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:linux:*:*:*:*:*",
"matchCriteriaId": "0E5A504F-C4B1-44EC-A7AC-8690CF925B0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:linux_ipf:*:*:*:*:*",
"matchCriteriaId": "84BE463B-0A3E-477C-B912-966625887D65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00:*:linux:*:*:*:*:*",
"matchCriteriaId": "0CADDEE7-D529-4644-9A5F-6235AD072CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10:*:aix:*:*:*:*:*",
"matchCriteriaId": "1D1DAE56-DEA3-45C3-AFD7-1C40F6C62CA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10:*:linux:*:*:*:*:*",
"matchCriteriaId": "CED6A3B7-F58D-47BE-81DB-59AC0DFC7F41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user\u0027s group permissions to logical user server processes, which allows local users to gain privileges."
},
{
"lang": "es",
"value": "Cosminexus Manager en Cosminexus Application Server 07-00 y posteriores podr\u00edan asignar permisos de grupos de usuarios de forma incorrecta a procesos del servidor de l\u00f3gica de usuario, el cual permite a usuarios locales ganar privilegios."
}
],
"id": "CVE-2007-4564",
"lastModified": "2024-11-21T00:35:54.183",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-28T01:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37855"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26589"
},
{
"source": "cve@mitre.org",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25434"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26589"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36245"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}