Lucene search

[email protected]CVE-2007-1786

HistoryMar 31, 2007 - 10:19 a.m.

CVE-2007-1786

2007-03-3110:19:00

[email protected]

web.nvd.nist.gov

cve-2007-1786

sql injection

hitachi collaboration

online community management

groupmax collaboration portal

ucosminexus collaboration portal

remote code execution

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

87.8%

JSON

SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Affected configurations

NVD

Node

hitachicosminexus_collaboration_portal

hitachigroupmax_collaboration_portal

hitachigroupmax_collaboration_web_client

hitachiucosminexus_collaboration_portal

hitachiucosminexus_content_manager

CPENameOperatorVersion
hitachi:cosminexus_collaboration_portalhitachi cosminexus collaboration portaleq*
hitachi:groupmax_collaboration_portalhitachi groupmax collaboration portaleq*
hitachi:groupmax_collaboration_web_clienthitachi groupmax collaboration web clienteq*
hitachi:ucosminexus_collaboration_portalhitachi ucosminexus collaboration portaleq*
hitachi:ucosminexus_content_managerhitachi ucosminexus content managereq*

CPE	Name	Operator	Version
hitachi:cosminexus_collaboration_portal	hitachi cosminexus collaboration portal	eq	*
hitachi:groupmax_collaboration_portal	hitachi groupmax collaboration portal	eq	*
hitachi:groupmax_collaboration_web_client	hitachi groupmax collaboration web client	eq	*
hitachi:ucosminexus_collaboration_portal	hitachi ucosminexus collaboration portal	eq	*
hitachi:ucosminexus_content_manager	hitachi ucosminexus content manager	eq	*

References

osvdb.org/34544

secunia.com/advisories/24693

www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html

www.securityfocus.com/bid/23208

www.vupen.com/english/advisories/2007/1168

exchange.xforce.ibmcloud.com/vulnerabilities/33348

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

87.8%

JSON

Related for CVE-2007-1786

prion1 nvd1 cvelist1