Lucene search

[email protected]CVE-2007-1854

HistoryApr 03, 2007 - 4:19 p.m.

CVE-2007-1854

2007-04-0316:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

hitachi

cosminexus

component

container

vulnerability

session management

nvd

cve-2007-1854

7.4 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.9%

JSON

Unspecified vulnerability in Hitachi Cosminexus Component Container 07-00 through 07-00-10, and 07-10 through 07-10-03, as used in uCosminexus Application Server Enterprise and Standard; uCosminexus Service Platform; uCosminexus Developer Standard and Professional; uCosminexus Service Architect; Electronic Form Workflow Standard Set, Professional Library Set, and Developer Client Set; and uCosminexus ERP Integrator, does not properly manage session information, which has an unspecified impact related to “unintended other requests.”

CPENameOperatorVersion
hitachi:cosminexus_component_containerhitachi cosminexus component containereq07_10_04
hitachi:ucosminexus_erp_integratorhitachi ucosminexus erp integratoreq*
hitachi:ucosminexus_application_serverhitachi ucosminexus application servereq*
hitachi:ucosminexus_service_platformhitachi ucosminexus service platformeq*
hitachi:ucosminexus_developerhitachi ucosminexus developereq*
hitachi:electronic_form_workflowhitachi electronic form workfloweq*
hitachi:cosminexus_component_containerhitachi cosminexus component containereq07_00_11
hitachi:ucosminexus_service_architecthitachi ucosminexus service architecteq*

CPE	Name	Operator	Version
hitachi:cosminexus_component_container	hitachi cosminexus component container	eq	07_10_04
hitachi:ucosminexus_erp_integrator	hitachi ucosminexus erp integrator	eq	*
hitachi:ucosminexus_application_server	hitachi ucosminexus application server	eq	*
hitachi:ucosminexus_service_platform	hitachi ucosminexus service platform	eq	*
hitachi:ucosminexus_developer	hitachi ucosminexus developer	eq	*
hitachi:electronic_form_workflow	hitachi electronic form workflow	eq	*
hitachi:cosminexus_component_container	hitachi cosminexus component container	eq	07_00_11
hitachi:ucosminexus_service_architect	hitachi ucosminexus service architect	eq	*

References

osvdb.org/34768

secunia.com/advisories/24683

www.hitachi-support.com/security_e/vuls_e/HS07-006_e/index-e.html

www.securityfocus.com/bid/23213

www.vupen.com/english/advisories/2007/1170

exchange.xforce.ibmcloud.com/vulnerabilities/33318

7.4 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.9%

JSON

Related for CVE-2007-1854

prion1