All the vulnerabilites related to hitachi - cosminexus_collaboration_portal
cve-2005-4322
Vulnerability from cvelistv5
Published
2005-12-17 11:00
Modified
2024-08-07 23:38
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to inject arbitrary web script or HTML via the (1) Schedule and (2) Calendar components.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/alerts/2005/Nov/1015241.html | vdb-entry, x_refsource_SECTRACK | |
| http://www.osvdb.org/20969 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/17634/ | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/15498 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/alerts/2005/Nov/1015242.html | vdb-entry, x_refsource_SECTRACK | |
| http://www.osvdb.org/22126 | vdb-entry, x_refsource_OSVDB | |
| http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/23197 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:38:51.585Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015241",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015241.html"
},
{
"name": "20969",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20969"
},
{
"name": "17634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17634/"
},
{
"name": "15498",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15498"
},
{
"name": "1015242",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015242.html"
},
{
"name": "22126",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22126"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html"
},
{
"name": "hitachi-groupmax-multiple-xss(23197)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23197"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to inject arbitrary web script or HTML via the (1) Schedule and (2) Calendar components."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015241",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015241.html"
},
{
"name": "20969",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20969"
},
{
"name": "17634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17634/"
},
{
"name": "15498",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15498"
},
{
"name": "1015242",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015242.html"
},
{
"name": "22126",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22126"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html"
},
{
"name": "hitachi-groupmax-multiple-xss(23197)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23197"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to inject arbitrary web script or HTML via the (1) Schedule and (2) Calendar components."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015241",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2005/Nov/1015241.html"
},
{
"name": "20969",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20969"
},
{
"name": "17634",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17634/"
},
{
"name": "15498",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15498"
},
{
"name": "1015242",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2005/Nov/1015242.html"
},
{
"name": "22126",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22126"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html"
},
{
"name": "hitachi-groupmax-multiple-xss(23197)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23197"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4322",
"datePublished": "2005-12-17T11:00:00",
"dateReserved": "2005-12-17T00:00:00",
"dateUpdated": "2024-08-07T23:38:51.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-4124
Vulnerability from cvelistv5
Published
2007-08-01 16:00
Modified
2024-08-07 14:46
Severity ?
EPSS score ?
Summary
The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user's session data, and possibly gain privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/25145 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2007/2725 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35706 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/37852 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/26250 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:38.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25145",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25145"
},
{
"name": "ADV-2007-2725",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2725"
},
{
"name": "hitachi-container-session-hijacking(35706)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35706"
},
{
"name": "37852",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37852"
},
{
"name": "26250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26250"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user\u0027s session data, and possibly gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25145",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25145"
},
{
"name": "ADV-2007-2725",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2725"
},
{
"name": "hitachi-container-session-hijacking(35706)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35706"
},
{
"name": "37852",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37852"
},
{
"name": "26250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26250"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user\u0027s session data, and possibly gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25145"
},
{
"name": "ADV-2007-2725",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2725"
},
{
"name": "hitachi-container-session-hijacking(35706)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35706"
},
{
"name": "37852",
"refsource": "OSVDB",
"url": "http://osvdb.org/37852"
},
{
"name": "26250",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26250"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4124",
"datePublished": "2007-08-01T16:00:00",
"dateReserved": "2007-08-01T00:00:00",
"dateUpdated": "2024-08-07T14:46:38.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-4323
Vulnerability from cvelistv5
Published
2005-12-17 11:00
Modified
2024-08-07 23:38
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to cause a denial of service of unspecified impact via repeated invalid requests to the Schedule component.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/alerts/2005/Nov/1015241.html | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/17634/ | third-party-advisory, x_refsource_SECUNIA | |
| http://securitytracker.com/alerts/2005/Nov/1015242.html | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/23193 | vdb-entry, x_refsource_XF | |
| http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/15500/ | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:38:51.800Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015241",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015241.html"
},
{
"name": "17634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17634/"
},
{
"name": "1015242",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015242.html"
},
{
"name": "hitachi-groupmax-schedule-dos(23193)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23193"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html"
},
{
"name": "15500",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15500/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to cause a denial of service of unspecified impact via repeated invalid requests to the Schedule component."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015241",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015241.html"
},
{
"name": "17634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17634/"
},
{
"name": "1015242",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015242.html"
},
{
"name": "hitachi-groupmax-schedule-dos(23193)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23193"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html"
},
{
"name": "15500",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15500/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4323",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to cause a denial of service of unspecified impact via repeated invalid requests to the Schedule component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015241",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2005/Nov/1015241.html"
},
{
"name": "17634",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17634/"
},
{
"name": "1015242",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2005/Nov/1015242.html"
},
{
"name": "hitachi-groupmax-schedule-dos(23193)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23193"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html"
},
{
"name": "15500",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15500/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4323",
"datePublished": "2005-12-17T11:00:00",
"dateReserved": "2005-12-17T00:00:00",
"dateUpdated": "2024-08-07T23:38:51.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-3574
Vulnerability from cvelistv5
Published
2006-07-13 10:00
Modified
2024-08-07 18:30
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Groupmax Collaboration Portal and Web Client before 07-20-/D, and uCosminexus Collaboration Portal and Forum/File Sharing before 06-20-/C, allow remote attackers to "execute malicious scripts" via unknown vectors (aka HS06-014-01).
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2006/2665 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/20926 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/27605 | vdb-entry, x_refsource_XF | |
| http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/index-e.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/18830 | vdb-entry, x_refsource_BID | |
| http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/01-e.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:30:34.466Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-2665",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2665"
},
{
"name": "20926",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20926"
},
{
"name": "hitachi-multiple-products-xss(27605)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27605"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/index-e.html"
},
{
"name": "18830",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18830"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/01-e.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Groupmax Collaboration Portal and Web Client before 07-20-/D, and uCosminexus Collaboration Portal and Forum/File Sharing before 06-20-/C, allow remote attackers to \"execute malicious scripts\" via unknown vectors (aka HS06-014-01)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-2665",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2665"
},
{
"name": "20926",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20926"
},
{
"name": "hitachi-multiple-products-xss(27605)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27605"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/index-e.html"
},
{
"name": "18830",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18830"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/01-e.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3574",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Groupmax Collaboration Portal and Web Client before 07-20-/D, and uCosminexus Collaboration Portal and Forum/File Sharing before 06-20-/C, allow remote attackers to \"execute malicious scripts\" via unknown vectors (aka HS06-014-01)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-2665",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2665"
},
{
"name": "20926",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20926"
},
{
"name": "hitachi-multiple-products-xss(27605)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27605"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/index-e.html"
},
{
"name": "18830",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18830"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/01-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/01-e.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3574",
"datePublished": "2006-07-13T10:00:00",
"dateReserved": "2006-07-12T00:00:00",
"dateUpdated": "2024-08-07T18:30:34.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1786
Vulnerability from cvelistv5
Published
2007-03-31 10:00
Modified
2024-08-07 13:06
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/23208 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2007/1168 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/34544 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/24693 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33348 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:26.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html"
},
{
"name": "23208",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23208"
},
{
"name": "ADV-2007-1168",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1168"
},
{
"name": "34544",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/34544"
},
{
"name": "24693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24693"
},
{
"name": "hitachi-collaboration-sql-injection(33348)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33348"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html"
},
{
"name": "23208",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23208"
},
{
"name": "ADV-2007-1168",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1168"
},
{
"name": "34544",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/34544"
},
{
"name": "24693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24693"
},
{
"name": "hitachi-collaboration-sql-injection(33348)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33348"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1786",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html"
},
{
"name": "23208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23208"
},
{
"name": "ADV-2007-1168",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1168"
},
{
"name": "34544",
"refsource": "OSVDB",
"url": "http://osvdb.org/34544"
},
{
"name": "24693",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24693"
},
{
"name": "hitachi-collaboration-sql-injection(33348)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33348"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1786",
"datePublished": "2007-03-31T10:00:00",
"dateReserved": "2007-03-30T00:00:00",
"dateUpdated": "2024-08-07T13:06:26.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2007-03-31 10:19
Modified
2024-11-21 00:29
Severity ?
Summary
SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_collaboration_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA4E08A2-D531-4DE2-B449-48B8AA11F365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAC0784-59AB-4011-837E-DA7F982FD9AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5735920C-E419-4671-B455-FCA4A2C3300E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5554C5-8590-4291-ABFC-F2CA4688136E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_content_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7BAFF2D-E60B-401E-9E6C-336FCF8FF60C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en Hitachi Collaboration - Online Community Management 01-00 hasta la 01-30, utilizado en Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, y uCosminexus Content Manager, permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s vectores no especificados."
}
],
"id": "CVE-2007-1786",
"lastModified": "2024-11-21T00:29:09.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-31T10:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/34544"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24693"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23208"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1168"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/34544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23208"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33348"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-17 11:03
Modified
2024-11-21 00:03
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to inject arbitrary web script or HTML via the (1) Schedule and (2) Calendar components.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hitachi | cosminexus_collaboration_portal | * | |
| hitachi | cosminexus_collaboration_portal | 06_00 | |
| hitachi | groupmax_collaboration_portal | * | |
| hitachi | groupmax_collaboration_portal | 07_00 | |
| hitachi | groupmax_collaboration_web_client | * | |
| hitachi | groupmax_collaboration_web_client | 07_00 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_collaboration_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11C21696-043C-45A9-9CAE-5A7ADC612EE0",
"versionEndIncluding": "06_10_b",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_collaboration_portal:06_00:*:*:*:*:*:*:*",
"matchCriteriaId": "0D428F8F-EFDB-4F28-A272-3CCF79EBB0A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "576A4EE0-CD07-43F5-85A3-A8FC8F5500BC",
"versionEndIncluding": "07_10_b",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07_00:*:*:*:*:*:*:*",
"matchCriteriaId": "16157164-6751-4D83-9CDE-B71946B79B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D173A5D-F06A-48B7-AC5C-47A587094E93",
"versionEndIncluding": "07_10_a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07_00:*:*:*:*:*:*:*",
"matchCriteriaId": "134864A9-7220-4D88-8E9B-806EAEA2DB95",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to inject arbitrary web script or HTML via the (1) Schedule and (2) Calendar components."
}
],
"id": "CVE-2005-4322",
"lastModified": "2024-11-21T00:03:58.760",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-17T11:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17634/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015241.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015242.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20969"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/22126"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15498"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17634/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015241.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015242.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20969"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/22126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23197"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-17 11:03
Modified
2024-11-21 00:03
Severity ?
Summary
Unspecified vulnerability in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to cause a denial of service of unspecified impact via repeated invalid requests to the Schedule component.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hitachi | cosminexus_collaboration_portal | * | |
| hitachi | cosminexus_collaboration_portal | 06_00 | |
| hitachi | groupmax_collaboration_portal | * | |
| hitachi | groupmax_collaboration_portal | 07_00 | |
| hitachi | groupmax_collaboration_web_client | * | |
| hitachi | groupmax_collaboration_web_client | 07_00 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_collaboration_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11C21696-043C-45A9-9CAE-5A7ADC612EE0",
"versionEndIncluding": "06_10_b",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_collaboration_portal:06_00:*:*:*:*:*:*:*",
"matchCriteriaId": "0D428F8F-EFDB-4F28-A272-3CCF79EBB0A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "576A4EE0-CD07-43F5-85A3-A8FC8F5500BC",
"versionEndIncluding": "07_10_b",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07_00:*:*:*:*:*:*:*",
"matchCriteriaId": "16157164-6751-4D83-9CDE-B71946B79B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D173A5D-F06A-48B7-AC5C-47A587094E93",
"versionEndIncluding": "07_10_a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07_00:*:*:*:*:*:*:*",
"matchCriteriaId": "134864A9-7220-4D88-8E9B-806EAEA2DB95",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to cause a denial of service of unspecified impact via repeated invalid requests to the Schedule component."
}
],
"id": "CVE-2005-4323",
"lastModified": "2024-11-21T00:03:58.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-17T11:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17634/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015241.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015242.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15500/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17634/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015241.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/alerts/2005/Nov/1015242.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15500/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23193"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-01 16:17
Modified
2024-11-21 00:34
Severity ?
Summary
The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user's session data, and possibly gain privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server:6:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "336AC0E8-01DB-4D75-8F9F-E1673BE7883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server:6:*:standard:*:*:*:*:*",
"matchCriteriaId": "B2306ACE-7FC7-4B52-AAE8-436A606C5041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_collaboration_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA4E08A2-D531-4DE2-B449-48B8AA11F365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer:6:*:light:*:*:*:*:*",
"matchCriteriaId": "44328F8D-C3B7-45CD-B01D-69328275C5A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer:6:*:professional:*:*:*:*:*",
"matchCriteriaId": "43EFBD4E-DC14-4142-8128-B4261431E8FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer:6:*:standard:*:*:*:*:*",
"matchCriteriaId": "7A7BE1FF-7B19-4F3F-B02D-2AA27B38F088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_erp_integrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84DD23A3-EC26-4805-BCCC-9F6B1EED60D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_opentp1_web_front-end_set:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CACCCE63-723C-449B-9661-FCE9FA94DD65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:electronic_form_workflow:*:*:developer_client_set:*:*:*:*:*",
"matchCriteriaId": "945C66CA-31DB-408D-BD4B-D023381F5DF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:electronic_form_workflow:*:*:professional_library_set:*:*:*:*:*",
"matchCriteriaId": "424670C5-82C6-44E0-A3C0-4391F254E6BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:electronic_form_workflow:*:*:standard_set:*:*:*:*:*",
"matchCriteriaId": "182C9BBE-DA39-412C-868A-CCDE7E4399CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:*:*:server:*:*:*:*:*",
"matchCriteriaId": "3A8F4CE3-0710-4F68-B8C3-31B5F4E13BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server:*:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "F374179A-7C0D-48B2-B0FF-39F5D4A7E37B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server:*:*:standard:*:*:*:*:*",
"matchCriteriaId": "272AD10C-E135-4EEE-8F48-E28CF5F7B3D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:*:*:server:*:*:*:*:*",
"matchCriteriaId": "271FC231-03E1-4C99-B9F3-A8536503B71B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer:*:*:light:*:*:*:*:*",
"matchCriteriaId": "8E2D80C1-773F-4C43-B990-2575782E619C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer:*:*:professional:*:*:*:*:*",
"matchCriteriaId": "03011EFF-6C5F-40F2-BF6D-FE4DE0E6F552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer:*:*:standard:*:*:*:*:*",
"matchCriteriaId": "415BE30B-0222-4C2F-9791-273469DB5BED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_erp_integrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C963599-5B39-40A0-A834-E738164B3531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_opentp1_web_front-end_set:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C564AA10-5286-4986-A580-61EC7A746352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_architect:*:*:*:*:*:*:*:*",
"matchCriteriaId": "354BD4CE-7B1A-4442-9F87-08CD70D9499E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72E63548-3AB3-4B78-AA2D-5B2AC7E06DD7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user\u0027s session data, and possibly gain privileges."
},
{
"lang": "es",
"value": "La funci\u00f3n de recuperaci\u00f3n de sesi\u00f3n ante fallos en Cosminexus Component Container de Cosminexus 6, 6.7, y 7 anterior al 31/07/2007, como el usado en m\u00faltiples productos de Hitachi, puede utilizar informaci\u00f3n de la sesi\u00f3n para el usuario equivocado bajo ciertas condiciones no especificadas, lo cual podr\u00eda permitir a usuarios autenticados remotos obtener informaci\u00f3n sensible, corromper la informaci\u00f3n de sesi\u00f3n de otros usuarios, y posiblemente obtener privilegios."
}
],
"id": "CVE-2007-4124",
"lastModified": "2024-11-21T00:34:50.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-08-01T16:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37852"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26250"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25145"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2725"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2725"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35706"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-07-13 10:05
Modified
2024-11-21 00:13
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Groupmax Collaboration Portal and Web Client before 07-20-/D, and uCosminexus Collaboration Portal and Forum/File Sharing before 06-20-/C, allow remote attackers to "execute malicious scripts" via unknown vectors (aka HS06-014-01).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_collaboration_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11C21696-043C-45A9-9CAE-5A7ADC612EE0",
"versionEndIncluding": "06_10_b",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_collaboration_portal:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "14077F3F-706D-4B57-A311-C906FAF53025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_collaboration_portal:06_00:*:*:*:*:*:*:*",
"matchCriteriaId": "0D428F8F-EFDB-4F28-A272-3CCF79EBB0A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "576A4EE0-CD07-43F5-85A3-A8FC8F5500BC",
"versionEndIncluding": "07_10_b",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E19CA67-F380-4B86-BA9E-FEE7FFA45627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07_00:*:*:*:*:*:*:*",
"matchCriteriaId": "16157164-6751-4D83-9CDE-B71946B79B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D173A5D-F06A-48B7-AC5C-47A587094E93",
"versionEndIncluding": "07_10_a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F4020D-595F-4E3E-AE3C-D7917255A922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07_00:*:*:*:*:*:*:*",
"matchCriteriaId": "134864A9-7220-4D88-8E9B-806EAEA2DB95",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Groupmax Collaboration Portal and Web Client before 07-20-/D, and uCosminexus Collaboration Portal and Forum/File Sharing before 06-20-/C, allow remote attackers to \"execute malicious scripts\" via unknown vectors (aka HS06-014-01)."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuencia de comandos en sitios cruzados (XSS) en Hitachi Groupmax Collaboration Portal y Web Client anterior 07-20-/D, y uCosminexus Collaboration Portal y Forum/File Sharing anterior a 06-20-/C, permite a atacantes remotos \"ejecutar secuencias de comandos maliciosas\" a trav\u00e9s de vectores desconocidos (tambi\u00e9n conocido como HS06-014-01)."
}
],
"evaluatorSolution": "This vulnerability is addressed in the following product releases:\r\nHitachi, Groupmax Collaboration Portal, 07-20-/D\r\nHitachi, Groupmax Collaboration Web Client, 07-20-/D\r\nHitachi, Cosminexus Collaboration Portal, 06-20-/C",
"id": "CVE-2006-3574",
"lastModified": "2024-11-21T00:13:55.777",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-13T10:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20926"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/01-e.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/index-e.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/18830"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2665"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27605"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20926"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/01-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/index-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/18830"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27605"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}