FKIE_CVE-2004-2493

Vulnerability from fkie_nvd - Published: 2004-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter.
References
cve@mitre.orghttp://secunia.com/advisories/13321
cve@mitre.orghttp://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.osvdb.org/12153
cve@mitre.orghttp://www.securityfocus.com/bid/11773
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/18278
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/13321
af854a3a-2127-422b-91ae-364da2661108http://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/12153
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/11773
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/18278
Impacted products
Vendor Product Version
hitachi groupmax_world_wide_web 2
hitachi groupmax_world_wide_web 02_00
hitachi groupmax_world_wide_web 02_20
hitachi groupmax_world_wide_web 02_20_a
hitachi groupmax_world_wide_web 02_31_i
hitachi groupmax_world_wide_web 3
hitachi groupmax_world_wide_web 03_00
hitachi groupmax_world_wide_web 03_10_h
hitachi groupmax_world_wide_web 03_11_b
hitachi groupmax_world_wide_web_desktop 5
hitachi groupmax_world_wide_web_desktop 05_00
hitachi groupmax_world_wide_web_desktop 05_11_f
hitachi groupmax_world_wide_web_desktop 05_11_i
hitachi groupmax_world_wide_web_desktop 05_11_j
hitachi groupmax_world_wide_web_desktop 6
hitachi groupmax_world_wide_web_desktop 06_00
hitachi groupmax_world_wide_web_desktop 06_50_b
hitachi groupmax_world_wide_web_desktop 06_50_c
hitachi groupmax_world_wide_web_desktop 06_51
hitachi groupmax_world_wide_web_desktop 06_51
hitachi groupmax_world_wide_web_desktop 06_51_b
hitachi groupmax_world_wide_web_desktop 06_51_c
hitachi groupmax_world_wide_web_desktop 06_52
hitachi groupmax_world_wide_web_desktop 06_52
hitachi groupmax_world_wide_web_desktop 06_52_b
hitachi groupmax_world_wide_web_desktop gold
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web:2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92F603-AD3F-4308-A1CB-19C3520BD9D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web:02_00:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DB68FE-C47E-4B81-93C4-DC864FCA025D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web:02_20:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD40CA2E-B904-4447-A5B5-F29D7BCE14F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web:02_20_a:*:*:*:*:*:*:*",
              "matchCriteriaId": "74813442-83C0-4BB5-BF80-153F24E9C784",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web:02_31_i:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D3F09B3-A630-4AD2-BCBB-7FEE84ABE233",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web:3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F7921EB-BE36-4E86-A27F-2299F207BD9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web:03_00:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D52116E-3F2D-4902-BDF9-3636887FD605",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web:03_10_h:*:*:*:*:*:*:*",
              "matchCriteriaId": "B41B9635-F155-4568-BC02-8DB5E5856798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web:03_11_b:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C27C4AF-DB0A-4D83-B812-A2BE2871D718",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5220355B-6334-44E9-BFC8-331129C2AFE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:05_00:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D1F873-4348-407C-96E7-63B75827941C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:05_11_f:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DBE5F6F-BB80-4762-AAB3-D30C6FC8A3B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:05_11_i:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A57E9D-3FC5-443E-9671-0CF76440A11E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:05_11_j:*:*:*:*:*:*:*",
              "matchCriteriaId": "4908E99C-D9B1-4EBD-B9F0-74FFED092FAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:6:*:*:*:*:*:*:*",
              "matchCriteriaId": "06631C10-25DC-4733-A1D2-F37556978AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_00:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0A012F2-A12D-45D0-95F0-4ECD97FD49AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_50_b:*:*:*:*:*:*:*",
              "matchCriteriaId": "C74B3CD8-3D60-472E-97CB-37CF1BDFF371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_50_c:*:*:*:*:*:*:*",
              "matchCriteriaId": "72344FDE-11AA-4142-8367-9C76F33DB702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_51:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AAF89A0-E719-4273-890E-319EA8B81C23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_51:*:jichitai:*:*:*:*:*",
              "matchCriteriaId": "DDCC2769-BE0E-4AB0-8192-C0B9CCA23BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_51_b:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDAC245A-9C8C-4E90-86D7-7EFF829B1F36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_51_c:*:*:*:*:*:*:*",
              "matchCriteriaId": "8580D3CE-98F0-4A07-8B92-50609EA333FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_52:*:*:*:*:*:*:*",
              "matchCriteriaId": "B344E3DA-A767-4868-B249-873B1A67B016",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_52:*:jichitai:*:*:*:*:*",
              "matchCriteriaId": "2F6136B7-F035-42DB-920B-D421451AD267",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:06_52_b:*:*:*:*:*:*:*",
              "matchCriteriaId": "B17C3BFE-8AB7-4FDB-9EEC-F8EE1B566246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hitachi:groupmax_world_wide_web_desktop:gold:*:jichitai:*:*:*:*:*",
              "matchCriteriaId": "F4E726B3-7120-42B3-BC90-CB08BB1FBB9E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter."
    }
  ],
  "id": "CVE-2004-2493",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/13321"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/12153"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/11773"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18278"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/13321"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/12153"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/11773"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18278"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.