Search criteria
15 vulnerabilities found for ucosminexus_collaboration_portal by hitachi
FKIE_CVE-2007-5808
Vulnerability from fkie_nvd - Published: 2007-11-05 17:46 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the Groupmax Collaboration - Schedule component in Hitachi Groupmax Collaboration Portal 07-30 through 07-30-/F and 07-32 through 07-32-/C, uCosminexus Collaboration Portal 06-30 through 06-30-/F and 06-32 through 06-32-/C, and Groupmax Collaboration Web Client - Mail/Schedule 07-30 through 07-30-/F and 07-32 through 07-32-/B might allow remote attackers to obtain sensitive information via unspecified vectors related to schedule portlets.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07_30:*:*:*:*:*:*:*",
"matchCriteriaId": "4746A3B3-DA42-43EB-8B55-87928275558E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07_30_b:*:*:*:*:*:*:*",
"matchCriteriaId": "4A53B498-655B-4F1E-BFC8-35106D0109EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07_30_c:*:*:*:*:*:*:*",
"matchCriteriaId": "EE8D7B18-527F-4281-846E-FFC7A5AD42D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07_30_d:*:*:*:*:*:*:*",
"matchCriteriaId": "44211524-5666-42EB-B5BC-98AABE0B828A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07_30_e:*:*:*:*:*:*:*",
"matchCriteriaId": "1191CEED-D2EB-4C3C-9F4B-5F41160E49E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07_30_f:*:*:*:*:*:*:*",
"matchCriteriaId": "94E05C56-C0BD-4D0D-851F-16743DFE3904",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07_32:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6375C2-A93F-4F24-86DF-1BC2D2AD42F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07_32_b:*:*:*:*:*:*:*",
"matchCriteriaId": "38D212D2-105E-41C1-B814-8508497F4246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07_32_c:*:*:*:*:*:*:*",
"matchCriteriaId": "F244C0DE-CF59-4872-9BC5-7686F425E0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07_30:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFF2D01-2431-41F4-A6BE-336FC958FD51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07_30_b:*:*:*:*:*:*:*",
"matchCriteriaId": "574496FB-C368-4F9F-9378-D33F336B44D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07_30_c:*:*:*:*:*:*:*",
"matchCriteriaId": "1F9E19B7-A631-49FA-B2CA-B4138076957F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07_30_d:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7B7264-129B-4BF4-90FA-931DE1980877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07_30_e:*:*:*:*:*:*:*",
"matchCriteriaId": "EA5075A5-9B3D-4125-9D64-1A3E95320156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07_30_f:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A636C4-E877-421D-9B56-57B34A791BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07_32:*:*:*:*:*:*:*",
"matchCriteriaId": "417FFDE7-63C0-4A6B-A0D3-9738158D7017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07_32_b:*:*:*:*:*:*:*",
"matchCriteriaId": "B92A78E4-098D-4416-879B-A34F1115B4BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:06_30:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADA1115-0978-4CA6-A54C-1733B430D24D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:06_30_b:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A542BF-3785-42DD-A42A-494ED774F5AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:06_30_c:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFA57C9-6601-489F-9751-162DF6D52D3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:06_30_d:*:*:*:*:*:*:*",
"matchCriteriaId": "99899CF6-2A31-419F-8DF1-7B14917E5BA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:06_30_e:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB74A03-FF81-4583-98C2-A10229F932C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:06_30_f:*:*:*:*:*:*:*",
"matchCriteriaId": "F76ECE73-F247-4233-B57D-8CC9F5C1A0A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:06_32:*:*:*:*:*:*:*",
"matchCriteriaId": "C8F74FE7-5937-4C27-AC20-3DBDD005BD29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:06_32_b:*:*:*:*:*:*:*",
"matchCriteriaId": "DF32455F-DF21-46CA-9BA0-8CFD63362CFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:06_32_c:*:*:*:*:*:*:*",
"matchCriteriaId": "FDC29AA5-7CD6-447A-985F-1A2B876F3C48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Groupmax Collaboration - Schedule component in Hitachi Groupmax Collaboration Portal 07-30 through 07-30-/F and 07-32 through 07-32-/C, uCosminexus Collaboration Portal 06-30 through 06-30-/F and 06-32 through 06-32-/C, and Groupmax Collaboration Web Client - Mail/Schedule 07-30 through 07-30-/F and 07-32 through 07-32-/B might allow remote attackers to obtain sensitive information via unspecified vectors related to schedule portlets."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Groupmax Collaboration - Schedule de Hitachi Groupmax Collaboration Portal 07-30 hasta 07-30-/F y 07-32 hasta 07-32-/C, uCosminexus Collaboration Portal 06-30 hasta 06-30-/F y 06-32 hasta 06-32-/C, y Groupmax Collaboration Web Client - Mail/Schedule 07-30 hasta 07-30-/F y d 07-32 hasta 07-32-/B podr\u00eda permitir a atacantes remotos obtener informaci\u00f3n confidencial mediante vectores no especificados relativos a portlets de agenda."
}
],
"id": "CVE-2007-5808",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-11-05T17:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/42025"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27451"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-036_e/index-e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26272"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3667"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/42025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-036_e/index-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38188"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-4204
Vulnerability from fkie_nvd - Published: 2007-08-08 01:17 - Updated: 2025-04-09 00:30
Severity ?
Summary
Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hitachi | groupmax_collaboration_portal | 07-32 | |
| hitachi | groupmax_collaboration_portal | 07-32_b | |
| hitachi | groupmax_collaboration_web_client | 07-32 | |
| hitachi | groupmax_collaboration_web_client | 07-32_a | |
| hitachi | ucosminexus_collaboration_portal | 06-32 | |
| hitachi | ucosminexus_collaboration_portal | 06-32_b |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07-32:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D3053F-0657-4F30-8851-7F46B430BA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07-32_b:*:*:*:*:*:*:*",
"matchCriteriaId": "2E2D5034-F336-48AD-A892-31A650A7F54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07-32:*:*:*:*:*:*:*",
"matchCriteriaId": "67191ED5-9A70-4DD5-B561-D99037D44DEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07-32_a:*:*:*:*:*:*:*",
"matchCriteriaId": "8202A38A-1346-4E14-B0BE-A41E46CDB451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:06-32:*:*:*:*:*:*:*",
"matchCriteriaId": "2963D385-1A2B-4ED5-A4C8-7C188B5972F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:06-32_b:*:*:*:*:*:*:*",
"matchCriteriaId": "934777D6-1B32-46B9-A540-61690A897EBF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information."
},
{
"lang": "es",
"value": "Hitachi Groupmax Collaboration - Schedule, usado en Groupmax Collaboration Portal 07-32 hasta 07-32-/B, uCosminexus Collaboration Portal 06-32 hasta 06-32-/B, y Groupmax Collaboration Web Client - Mail/Schedule 07-32 hasta 07-32-/A, puede asignar datos de programaci\u00f3n (schedule) al usuario incorrecto bajo condiciones no especificadas, lo cual podr\u00eda permitir a usuarios autenticados remotamente obtener informaci\u00f3n sensible."
}
],
"id": "CVE-2007-4204",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-08T01:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/46987"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2723"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35704"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/46987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35704"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-4124
Vulnerability from fkie_nvd - Published: 2007-08-01 16:17 - Updated: 2025-04-09 00:30
Severity ?
Summary
The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user's session data, and possibly gain privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server:6:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "336AC0E8-01DB-4D75-8F9F-E1673BE7883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server:6:*:standard:*:*:*:*:*",
"matchCriteriaId": "B2306ACE-7FC7-4B52-AAE8-436A606C5041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_collaboration_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA4E08A2-D531-4DE2-B449-48B8AA11F365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer:6:*:light:*:*:*:*:*",
"matchCriteriaId": "44328F8D-C3B7-45CD-B01D-69328275C5A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer:6:*:professional:*:*:*:*:*",
"matchCriteriaId": "43EFBD4E-DC14-4142-8128-B4261431E8FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer:6:*:standard:*:*:*:*:*",
"matchCriteriaId": "7A7BE1FF-7B19-4F3F-B02D-2AA27B38F088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_erp_integrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84DD23A3-EC26-4805-BCCC-9F6B1EED60D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_opentp1_web_front-end_set:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CACCCE63-723C-449B-9661-FCE9FA94DD65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:electronic_form_workflow:*:*:developer_client_set:*:*:*:*:*",
"matchCriteriaId": "945C66CA-31DB-408D-BD4B-D023381F5DF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:electronic_form_workflow:*:*:professional_library_set:*:*:*:*:*",
"matchCriteriaId": "424670C5-82C6-44E0-A3C0-4391F254E6BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:electronic_form_workflow:*:*:standard_set:*:*:*:*:*",
"matchCriteriaId": "182C9BBE-DA39-412C-868A-CCDE7E4399CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:*:*:server:*:*:*:*:*",
"matchCriteriaId": "3A8F4CE3-0710-4F68-B8C3-31B5F4E13BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server:*:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "F374179A-7C0D-48B2-B0FF-39F5D4A7E37B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server:*:*:standard:*:*:*:*:*",
"matchCriteriaId": "272AD10C-E135-4EEE-8F48-E28CF5F7B3D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:*:*:server:*:*:*:*:*",
"matchCriteriaId": "271FC231-03E1-4C99-B9F3-A8536503B71B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer:*:*:light:*:*:*:*:*",
"matchCriteriaId": "8E2D80C1-773F-4C43-B990-2575782E619C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer:*:*:professional:*:*:*:*:*",
"matchCriteriaId": "03011EFF-6C5F-40F2-BF6D-FE4DE0E6F552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer:*:*:standard:*:*:*:*:*",
"matchCriteriaId": "415BE30B-0222-4C2F-9791-273469DB5BED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_erp_integrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C963599-5B39-40A0-A834-E738164B3531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_opentp1_web_front-end_set:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C564AA10-5286-4986-A580-61EC7A746352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_architect:*:*:*:*:*:*:*:*",
"matchCriteriaId": "354BD4CE-7B1A-4442-9F87-08CD70D9499E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72E63548-3AB3-4B78-AA2D-5B2AC7E06DD7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user\u0027s session data, and possibly gain privileges."
},
{
"lang": "es",
"value": "La funci\u00f3n de recuperaci\u00f3n de sesi\u00f3n ante fallos en Cosminexus Component Container de Cosminexus 6, 6.7, y 7 anterior al 31/07/2007, como el usado en m\u00faltiples productos de Hitachi, puede utilizar informaci\u00f3n de la sesi\u00f3n para el usuario equivocado bajo ciertas condiciones no especificadas, lo cual podr\u00eda permitir a usuarios autenticados remotos obtener informaci\u00f3n sensible, corromper la informaci\u00f3n de sesi\u00f3n de otros usuarios, y posiblemente obtener privilegios."
}
],
"id": "CVE-2007-4124",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-08-01T16:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37852"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26250"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25145"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2725"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2725"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35706"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-3043
Vulnerability from fkie_nvd - Published: 2007-06-05 23:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Collaboration - File Sharing 01-20 up to 01-20-/B and 01-30 up to 01-30-/B in Hitachi Groupmax Collaboration Portal up to 07-30-/D, Groupmax Collaboration Web Client - Forum/File Sharing up to 07-30-/C, uCosminexus Collaboration Portal up to 06-30-/D, and uCosminexus Collaboration Portal - Forum/File Sharing up to 06-30-/C on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hitachi | groupmax_collaboration_portal | 7_20_e | |
| hitachi | groupmax_collaboration_portal | 7_30_d | |
| hitachi | groupmax_collaboration_web_client | forum_file_share_7_20_d | |
| hitachi | groupmax_collaboration_web_client | forum_file_share_7_30_c | |
| hitachi | ucosminexus_collaboration_portal | 6_20_e | |
| hitachi | ucosminexus_collaboration_portal | 6_30_d | |
| hitachi | ucosminexus_collaboration_portal | forum_file_share_6_20_d | |
| hitachi | ucosminexus_collaboration_portal | forum_file_share_6_30_c |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:7_20_e:*:*:*:*:*:*:*",
"matchCriteriaId": "13120E63-ACC6-4EF5-AEA4-1E486A371E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:7_30_d:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9F6574-2A52-4B07-98A7-3B221AA5B95D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:forum_file_share_7_20_d:*:*:*:*:*:*:*",
"matchCriteriaId": "50C1C230-4C34-4D13-B551-F1DB59B78088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:forum_file_share_7_30_c:*:*:*:*:*:*:*",
"matchCriteriaId": "784BF814-5C77-4E6C-BA0F-87DF10AF443E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:6_20_e:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD7D1C0-1BA1-428E-BE20-FB3A34647A24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:6_30_d:*:*:*:*:*:*:*",
"matchCriteriaId": "608F37DD-D295-4F2D-A9F6-CAAF431EA76A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:forum_file_share_6_20_d:*:*:*:*:*:*:*",
"matchCriteriaId": "4C5E178D-7E4C-4A02-8F61-9F1091C30885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:forum_file_share_6_30_c:*:*:*:*:*:*:*",
"matchCriteriaId": "0B4F03B2-D400-4152-997E-373CCECC9FAD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Collaboration - File Sharing 01-20 up to 01-20-/B and 01-30 up to 01-30-/B in Hitachi Groupmax Collaboration Portal up to 07-30-/D, Groupmax Collaboration Web Client - Forum/File Sharing up to 07-30-/C, uCosminexus Collaboration Portal up to 06-30-/D, and uCosminexus Collaboration Portal - Forum/File Sharing up to 06-30-/C on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Collaboration - File Sharing 01-20 hasta 01-20-/B y 01-30 hasta 01-30-/B en Hitechi Groupmax Collaboration Portal hasta 07-30-/D, Groupmax Collaboration Web Client - Forum/File Sharing hasta 07-30-/C, uCosminexus Collaboration Portal hasta 06-30-/D, y uCosminexus Collaboration Portal - Forum/File Sharing hasta 06-30-/C en Windows permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2007-3043",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-06-05T23:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36828"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25507"
},
{
"source": "cve@mitre.org",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-011_e/index-e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24263"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2020"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25507"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-011_e/index-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34659"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-1786
Vulnerability from fkie_nvd - Published: 2007-03-31 10:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_collaboration_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA4E08A2-D531-4DE2-B449-48B8AA11F365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAC0784-59AB-4011-837E-DA7F982FD9AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5735920C-E419-4671-B455-FCA4A2C3300E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5554C5-8590-4291-ABFC-F2CA4688136E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_content_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7BAFF2D-E60B-401E-9E6C-336FCF8FF60C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en Hitachi Collaboration - Online Community Management 01-00 hasta la 01-30, utilizado en Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, y uCosminexus Content Manager, permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s vectores no especificados."
}
],
"id": "CVE-2007-1786",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-31T10:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/34544"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24693"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23208"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1168"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/34544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23208"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33348"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2007-5808 (GCVE-0-2007-5808)
Vulnerability from cvelistv5 – Published: 2007-11-05 17:00 – Updated: 2024-08-07 15:47
VLAI?
Summary
Unspecified vulnerability in the Groupmax Collaboration - Schedule component in Hitachi Groupmax Collaboration Portal 07-30 through 07-30-/F and 07-32 through 07-32-/C, uCosminexus Collaboration Portal 06-30 through 06-30-/F and 06-32 through 06-32-/C, and Groupmax Collaboration Web Client - Mail/Schedule 07-30 through 07-30-/F and 07-32 through 07-32-/B might allow remote attackers to obtain sensitive information via unspecified vectors related to schedule portlets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:47:00.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "hitachi-groupmax-information-disclosure(38188)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38188"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-036_e/index-e.html"
},
{
"name": "ADV-2007-3667",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3667"
},
{
"name": "27451",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27451"
},
{
"name": "26272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26272"
},
{
"name": "42025",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42025"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Groupmax Collaboration - Schedule component in Hitachi Groupmax Collaboration Portal 07-30 through 07-30-/F and 07-32 through 07-32-/C, uCosminexus Collaboration Portal 06-30 through 06-30-/F and 06-32 through 06-32-/C, and Groupmax Collaboration Web Client - Mail/Schedule 07-30 through 07-30-/F and 07-32 through 07-32-/B might allow remote attackers to obtain sensitive information via unspecified vectors related to schedule portlets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "hitachi-groupmax-information-disclosure(38188)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38188"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-036_e/index-e.html"
},
{
"name": "ADV-2007-3667",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3667"
},
{
"name": "27451",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27451"
},
{
"name": "26272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26272"
},
{
"name": "42025",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42025"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5808",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Groupmax Collaboration - Schedule component in Hitachi Groupmax Collaboration Portal 07-30 through 07-30-/F and 07-32 through 07-32-/C, uCosminexus Collaboration Portal 06-30 through 06-30-/F and 06-32 through 06-32-/C, and Groupmax Collaboration Web Client - Mail/Schedule 07-30 through 07-30-/F and 07-32 through 07-32-/B might allow remote attackers to obtain sensitive information via unspecified vectors related to schedule portlets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hitachi-groupmax-information-disclosure(38188)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38188"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-036_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-036_e/index-e.html"
},
{
"name": "ADV-2007-3667",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3667"
},
{
"name": "27451",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27451"
},
{
"name": "26272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26272"
},
{
"name": "42025",
"refsource": "OSVDB",
"url": "http://osvdb.org/42025"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5808",
"datePublished": "2007-11-05T17:00:00",
"dateReserved": "2007-11-05T00:00:00",
"dateUpdated": "2024-08-07T15:47:00.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4204 (GCVE-0-2007-4204)
Vulnerability from cvelistv5 – Published: 2007-08-08 01:11 – Updated: 2024-08-07 14:46
VLAI?
Summary
Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:39.395Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2723",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2723"
},
{
"name": "46987",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/46987"
},
{
"name": "hitachi-groupmax-schedule-info-disclosure(35704)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35704"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2723",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2723"
},
{
"name": "46987",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/46987"
},
{
"name": "hitachi-groupmax-schedule-info-disclosure(35704)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35704"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2723",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2723"
},
{
"name": "46987",
"refsource": "OSVDB",
"url": "http://osvdb.org/46987"
},
{
"name": "hitachi-groupmax-schedule-info-disclosure(35704)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35704"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4204",
"datePublished": "2007-08-08T01:11:00",
"dateReserved": "2007-08-07T00:00:00",
"dateUpdated": "2024-08-07T14:46:39.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4124 (GCVE-0-2007-4124)
Vulnerability from cvelistv5 – Published: 2007-08-01 16:00 – Updated: 2024-08-07 14:46
VLAI?
Summary
The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user's session data, and possibly gain privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:38.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25145",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25145"
},
{
"name": "ADV-2007-2725",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2725"
},
{
"name": "hitachi-container-session-hijacking(35706)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35706"
},
{
"name": "37852",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37852"
},
{
"name": "26250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26250"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user\u0027s session data, and possibly gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25145",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25145"
},
{
"name": "ADV-2007-2725",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2725"
},
{
"name": "hitachi-container-session-hijacking(35706)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35706"
},
{
"name": "37852",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37852"
},
{
"name": "26250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26250"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user\u0027s session data, and possibly gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25145"
},
{
"name": "ADV-2007-2725",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2725"
},
{
"name": "hitachi-container-session-hijacking(35706)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35706"
},
{
"name": "37852",
"refsource": "OSVDB",
"url": "http://osvdb.org/37852"
},
{
"name": "26250",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26250"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4124",
"datePublished": "2007-08-01T16:00:00",
"dateReserved": "2007-08-01T00:00:00",
"dateUpdated": "2024-08-07T14:46:38.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3043 (GCVE-0-2007-3043)
Vulnerability from cvelistv5 – Published: 2007-06-05 23:00 – Updated: 2024-08-07 13:57
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in Collaboration - File Sharing 01-20 up to 01-20-/B and 01-30 up to 01-30-/B in Hitachi Groupmax Collaboration Portal up to 07-30-/D, Groupmax Collaboration Web Client - Forum/File Sharing up to 07-30-/C, uCosminexus Collaboration Portal up to 06-30-/D, and uCosminexus Collaboration Portal - Forum/File Sharing up to 06-30-/C on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:54.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24263",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24263"
},
{
"name": "hitachi-filesharing-xss(34659)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34659"
},
{
"name": "36828",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36828"
},
{
"name": "ADV-2007-2020",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2020"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-011_e/index-e.html"
},
{
"name": "25507",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25507"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Collaboration - File Sharing 01-20 up to 01-20-/B and 01-30 up to 01-30-/B in Hitachi Groupmax Collaboration Portal up to 07-30-/D, Groupmax Collaboration Web Client - Forum/File Sharing up to 07-30-/C, uCosminexus Collaboration Portal up to 06-30-/D, and uCosminexus Collaboration Portal - Forum/File Sharing up to 06-30-/C on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24263",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24263"
},
{
"name": "hitachi-filesharing-xss(34659)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34659"
},
{
"name": "36828",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36828"
},
{
"name": "ADV-2007-2020",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2020"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-011_e/index-e.html"
},
{
"name": "25507",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25507"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3043",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Collaboration - File Sharing 01-20 up to 01-20-/B and 01-30 up to 01-30-/B in Hitachi Groupmax Collaboration Portal up to 07-30-/D, Groupmax Collaboration Web Client - Forum/File Sharing up to 07-30-/C, uCosminexus Collaboration Portal up to 06-30-/D, and uCosminexus Collaboration Portal - Forum/File Sharing up to 06-30-/C on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24263"
},
{
"name": "hitachi-filesharing-xss(34659)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34659"
},
{
"name": "36828",
"refsource": "OSVDB",
"url": "http://osvdb.org/36828"
},
{
"name": "ADV-2007-2020",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2020"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-011_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-011_e/index-e.html"
},
{
"name": "25507",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25507"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3043",
"datePublished": "2007-06-05T23:00:00",
"dateReserved": "2007-06-05T00:00:00",
"dateUpdated": "2024-08-07T13:57:54.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1786 (GCVE-0-2007-1786)
Vulnerability from cvelistv5 – Published: 2007-03-31 10:00 – Updated: 2024-08-07 13:06
VLAI?
Summary
SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:26.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html"
},
{
"name": "23208",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23208"
},
{
"name": "ADV-2007-1168",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1168"
},
{
"name": "34544",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/34544"
},
{
"name": "24693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24693"
},
{
"name": "hitachi-collaboration-sql-injection(33348)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33348"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html"
},
{
"name": "23208",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23208"
},
{
"name": "ADV-2007-1168",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1168"
},
{
"name": "34544",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/34544"
},
{
"name": "24693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24693"
},
{
"name": "hitachi-collaboration-sql-injection(33348)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33348"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1786",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html"
},
{
"name": "23208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23208"
},
{
"name": "ADV-2007-1168",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1168"
},
{
"name": "34544",
"refsource": "OSVDB",
"url": "http://osvdb.org/34544"
},
{
"name": "24693",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24693"
},
{
"name": "hitachi-collaboration-sql-injection(33348)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33348"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1786",
"datePublished": "2007-03-31T10:00:00",
"dateReserved": "2007-03-30T00:00:00",
"dateUpdated": "2024-08-07T13:06:26.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5808 (GCVE-0-2007-5808)
Vulnerability from nvd – Published: 2007-11-05 17:00 – Updated: 2024-08-07 15:47
VLAI?
Summary
Unspecified vulnerability in the Groupmax Collaboration - Schedule component in Hitachi Groupmax Collaboration Portal 07-30 through 07-30-/F and 07-32 through 07-32-/C, uCosminexus Collaboration Portal 06-30 through 06-30-/F and 06-32 through 06-32-/C, and Groupmax Collaboration Web Client - Mail/Schedule 07-30 through 07-30-/F and 07-32 through 07-32-/B might allow remote attackers to obtain sensitive information via unspecified vectors related to schedule portlets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:47:00.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "hitachi-groupmax-information-disclosure(38188)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38188"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-036_e/index-e.html"
},
{
"name": "ADV-2007-3667",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3667"
},
{
"name": "27451",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27451"
},
{
"name": "26272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26272"
},
{
"name": "42025",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42025"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Groupmax Collaboration - Schedule component in Hitachi Groupmax Collaboration Portal 07-30 through 07-30-/F and 07-32 through 07-32-/C, uCosminexus Collaboration Portal 06-30 through 06-30-/F and 06-32 through 06-32-/C, and Groupmax Collaboration Web Client - Mail/Schedule 07-30 through 07-30-/F and 07-32 through 07-32-/B might allow remote attackers to obtain sensitive information via unspecified vectors related to schedule portlets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "hitachi-groupmax-information-disclosure(38188)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38188"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-036_e/index-e.html"
},
{
"name": "ADV-2007-3667",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3667"
},
{
"name": "27451",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27451"
},
{
"name": "26272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26272"
},
{
"name": "42025",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42025"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5808",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Groupmax Collaboration - Schedule component in Hitachi Groupmax Collaboration Portal 07-30 through 07-30-/F and 07-32 through 07-32-/C, uCosminexus Collaboration Portal 06-30 through 06-30-/F and 06-32 through 06-32-/C, and Groupmax Collaboration Web Client - Mail/Schedule 07-30 through 07-30-/F and 07-32 through 07-32-/B might allow remote attackers to obtain sensitive information via unspecified vectors related to schedule portlets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hitachi-groupmax-information-disclosure(38188)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38188"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-036_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-036_e/index-e.html"
},
{
"name": "ADV-2007-3667",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3667"
},
{
"name": "27451",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27451"
},
{
"name": "26272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26272"
},
{
"name": "42025",
"refsource": "OSVDB",
"url": "http://osvdb.org/42025"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5808",
"datePublished": "2007-11-05T17:00:00",
"dateReserved": "2007-11-05T00:00:00",
"dateUpdated": "2024-08-07T15:47:00.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4204 (GCVE-0-2007-4204)
Vulnerability from nvd – Published: 2007-08-08 01:11 – Updated: 2024-08-07 14:46
VLAI?
Summary
Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:39.395Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2723",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2723"
},
{
"name": "46987",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/46987"
},
{
"name": "hitachi-groupmax-schedule-info-disclosure(35704)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35704"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2723",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2723"
},
{
"name": "46987",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/46987"
},
{
"name": "hitachi-groupmax-schedule-info-disclosure(35704)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35704"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2723",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2723"
},
{
"name": "46987",
"refsource": "OSVDB",
"url": "http://osvdb.org/46987"
},
{
"name": "hitachi-groupmax-schedule-info-disclosure(35704)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35704"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4204",
"datePublished": "2007-08-08T01:11:00",
"dateReserved": "2007-08-07T00:00:00",
"dateUpdated": "2024-08-07T14:46:39.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4124 (GCVE-0-2007-4124)
Vulnerability from nvd – Published: 2007-08-01 16:00 – Updated: 2024-08-07 14:46
VLAI?
Summary
The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user's session data, and possibly gain privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:38.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25145",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25145"
},
{
"name": "ADV-2007-2725",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2725"
},
{
"name": "hitachi-container-session-hijacking(35706)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35706"
},
{
"name": "37852",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37852"
},
{
"name": "26250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26250"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user\u0027s session data, and possibly gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25145",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25145"
},
{
"name": "ADV-2007-2725",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2725"
},
{
"name": "hitachi-container-session-hijacking(35706)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35706"
},
{
"name": "37852",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37852"
},
{
"name": "26250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26250"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user\u0027s session data, and possibly gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25145"
},
{
"name": "ADV-2007-2725",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2725"
},
{
"name": "hitachi-container-session-hijacking(35706)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35706"
},
{
"name": "37852",
"refsource": "OSVDB",
"url": "http://osvdb.org/37852"
},
{
"name": "26250",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26250"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4124",
"datePublished": "2007-08-01T16:00:00",
"dateReserved": "2007-08-01T00:00:00",
"dateUpdated": "2024-08-07T14:46:38.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3043 (GCVE-0-2007-3043)
Vulnerability from nvd – Published: 2007-06-05 23:00 – Updated: 2024-08-07 13:57
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in Collaboration - File Sharing 01-20 up to 01-20-/B and 01-30 up to 01-30-/B in Hitachi Groupmax Collaboration Portal up to 07-30-/D, Groupmax Collaboration Web Client - Forum/File Sharing up to 07-30-/C, uCosminexus Collaboration Portal up to 06-30-/D, and uCosminexus Collaboration Portal - Forum/File Sharing up to 06-30-/C on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:54.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24263",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24263"
},
{
"name": "hitachi-filesharing-xss(34659)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34659"
},
{
"name": "36828",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36828"
},
{
"name": "ADV-2007-2020",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2020"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-011_e/index-e.html"
},
{
"name": "25507",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25507"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Collaboration - File Sharing 01-20 up to 01-20-/B and 01-30 up to 01-30-/B in Hitachi Groupmax Collaboration Portal up to 07-30-/D, Groupmax Collaboration Web Client - Forum/File Sharing up to 07-30-/C, uCosminexus Collaboration Portal up to 06-30-/D, and uCosminexus Collaboration Portal - Forum/File Sharing up to 06-30-/C on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24263",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24263"
},
{
"name": "hitachi-filesharing-xss(34659)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34659"
},
{
"name": "36828",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36828"
},
{
"name": "ADV-2007-2020",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2020"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-011_e/index-e.html"
},
{
"name": "25507",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25507"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3043",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Collaboration - File Sharing 01-20 up to 01-20-/B and 01-30 up to 01-30-/B in Hitachi Groupmax Collaboration Portal up to 07-30-/D, Groupmax Collaboration Web Client - Forum/File Sharing up to 07-30-/C, uCosminexus Collaboration Portal up to 06-30-/D, and uCosminexus Collaboration Portal - Forum/File Sharing up to 06-30-/C on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24263"
},
{
"name": "hitachi-filesharing-xss(34659)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34659"
},
{
"name": "36828",
"refsource": "OSVDB",
"url": "http://osvdb.org/36828"
},
{
"name": "ADV-2007-2020",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2020"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-011_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-011_e/index-e.html"
},
{
"name": "25507",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25507"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3043",
"datePublished": "2007-06-05T23:00:00",
"dateReserved": "2007-06-05T00:00:00",
"dateUpdated": "2024-08-07T13:57:54.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1786 (GCVE-0-2007-1786)
Vulnerability from nvd – Published: 2007-03-31 10:00 – Updated: 2024-08-07 13:06
VLAI?
Summary
SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:26.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html"
},
{
"name": "23208",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23208"
},
{
"name": "ADV-2007-1168",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1168"
},
{
"name": "34544",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/34544"
},
{
"name": "24693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24693"
},
{
"name": "hitachi-collaboration-sql-injection(33348)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33348"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html"
},
{
"name": "23208",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23208"
},
{
"name": "ADV-2007-1168",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1168"
},
{
"name": "34544",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/34544"
},
{
"name": "24693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24693"
},
{
"name": "hitachi-collaboration-sql-injection(33348)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33348"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1786",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html"
},
{
"name": "23208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23208"
},
{
"name": "ADV-2007-1168",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1168"
},
{
"name": "34544",
"refsource": "OSVDB",
"url": "http://osvdb.org/34544"
},
{
"name": "24693",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24693"
},
{
"name": "hitachi-collaboration-sql-injection(33348)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33348"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1786",
"datePublished": "2007-03-31T10:00:00",
"dateReserved": "2007-03-30T00:00:00",
"dateUpdated": "2024-08-07T13:06:26.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}