Search criteria
3 vulnerabilities found for cosminexus_developer_version_5 by hitachi
FKIE_CVE-2007-0514
Vulnerability from fkie_nvd - Published: 2007-01-26 00:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72EB5501-8682-47C6-A09B-64D628C319CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server:6:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "336AC0E8-01DB-4D75-8F9F-E1673BE7883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_version_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A94B-6343-4A24-8E8D-461192CD643A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer_light_version_6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9CE4D-B179-488A-881B-EDDE858DF8C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer_professional_version_6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19698339-17FB-443A-A3A8-E6E364F6E892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer_standard_version_6:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7AB561-DC97-4ACB-8810-B8020F28B769",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer_version_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5976B0CF-D923-4D74-A599-028E20D14AF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_server_-_enterprise_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6DBFEFD-4667-4487-B009-F5133260D6A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_server_-_standard_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B3B8F3B-156B-44B0-97EF-F2DF622D8398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_server_-_standard_edition_version_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC5DA2A-6880-491A-A2FD-327CF952E977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_server_-_web_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "394A48A2-C95B-4B1F-A571-77FFD1DA9F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_server_-_web_edition_version_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BC015FD-6D1D-4A6C-A480-326614BEB5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:hitachi_web_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3721DE3-39EC-4C4A-B575-9F5CF2D21BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:*:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "0B00BB4D-1C8A-4CFE-9EA4-5CBE055276DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_smart_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "980D0920-2D78-4EAF-8C99-C9928708C825",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88B1B8FF-8362-471C-85DB-01D675764DF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_light:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7148FC73-6087-4F89-8832-7888D3502E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_standard:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C937879-7AC4-4B36-BC3A-3C9B620A17F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_architect:*:*:*:*:*:*:*:*",
"matchCriteriaId": "354BD4CE-7B1A-4442-9F87-08CD70D9499E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72E63548-3AB3-4B78-AA2D-5B2AC7E06DD7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Hitachi Web Server, uCosminexus, y productos Cosminexus anteriores al 24/01/2007 permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n mediante (1) cabeceras HTTP Expect o (2) im\u00e1genes de mapas."
}
],
"id": "CVE-2007-0514",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-01-26T00:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/32997"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/32998"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23843"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/32997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/32998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0326"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2007-0514 (GCVE-0-2007-0514)
Vulnerability from cvelistv5 – Published: 2007-01-26 00:00 – Updated: 2024-08-07 12:19
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:19:30.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32998",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32998"
},
{
"name": "23843",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23843"
},
{
"name": "ADV-2007-0326",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0326"
},
{
"name": "32997",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32997"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-02-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32998",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32998"
},
{
"name": "23843",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23843"
},
{
"name": "ADV-2007-0326",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0326"
},
{
"name": "32997",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32997"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0514",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32998",
"refsource": "OSVDB",
"url": "http://osvdb.org/32998"
},
{
"name": "23843",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23843"
},
{
"name": "ADV-2007-0326",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0326"
},
{
"name": "32997",
"refsource": "OSVDB",
"url": "http://osvdb.org/32997"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0514",
"datePublished": "2007-01-26T00:00:00",
"dateReserved": "2007-01-25T00:00:00",
"dateUpdated": "2024-08-07T12:19:30.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0514 (GCVE-0-2007-0514)
Vulnerability from nvd – Published: 2007-01-26 00:00 – Updated: 2024-08-07 12:19
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:19:30.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32998",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32998"
},
{
"name": "23843",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23843"
},
{
"name": "ADV-2007-0326",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0326"
},
{
"name": "32997",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32997"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-02-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32998",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32998"
},
{
"name": "23843",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23843"
},
{
"name": "ADV-2007-0326",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0326"
},
{
"name": "32997",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32997"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0514",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32998",
"refsource": "OSVDB",
"url": "http://osvdb.org/32998"
},
{
"name": "23843",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23843"
},
{
"name": "ADV-2007-0326",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0326"
},
{
"name": "32997",
"refsource": "OSVDB",
"url": "http://osvdb.org/32997"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0514",
"datePublished": "2007-01-26T00:00:00",
"dateReserved": "2007-01-25T00:00:00",
"dateUpdated": "2024-08-07T12:19:30.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}