Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-4564
HistoryAug 28, 2007 - 1:17 a.m.

CVE-2007-4564

2007-08-2801:17:00
CWE-264
[email protected]
web.nvd.nist.gov
26
cve-2007-4564
cosminexus manager
application server
user group permissions
local privilege escalation
security vulnerability

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user’s group permissions to logical user server processes, which allows local users to gain privileges.

Affected configurations

NVD
Node
hitachicosminexus_application_server_enterpriseMatch06_50aix
OR
hitachicosminexus_application_server_enterpriseMatch06_50hpux
OR
hitachicosminexus_application_server_enterpriseMatch06_50linux
OR
hitachicosminexus_application_server_enterpriseMatch06_50linux_ipf
OR
hitachicosminexus_application_server_enterpriseMatch06_50solaris
OR
hitachicosminexus_application_server_enterpriseMatch06_50_blinux_ipf
OR
hitachicosminexus_application_server_enterpriseMatch06_50_clinux
OR
hitachicosminexus_application_server_enterpriseMatch06_50_c_1hpux_ipf
OR
hitachicosminexus_application_server_enterpriseMatch06_50_c_1solaris
OR
hitachicosminexus_application_server_enterpriseMatch06_50_e_1hpux
OR
hitachicosminexus_application_server_enterpriseMatch06_50_faix
OR
hitachicosminexus_application_server_enterpriseMatch06_51linux_ipf
OR
hitachicosminexus_application_server_enterpriseMatch06_51_b_1linux_ipf
OR
hitachicosminexus_application_server_enterpriseMatch06_51_clinux
OR
hitachicosminexus_application_server_standardMatch06_50aix
OR
hitachicosminexus_application_server_standardMatch06_50hpux
OR
hitachicosminexus_application_server_standardMatch06_50hpux_ipf
OR
hitachicosminexus_application_server_standardMatch06_50linux
OR
hitachicosminexus_application_server_standardMatch06_50linux_ipf
OR
hitachicosminexus_application_server_standardMatch06_50_blinux_ipf
OR
hitachicosminexus_application_server_standardMatch06_50_clinux
OR
hitachicosminexus_application_server_standardMatch06_50_c_1hpux_ipf
OR
hitachicosminexus_application_server_standardMatch06_50_c_1solaris
OR
hitachicosminexus_application_server_standardMatch06_50_e_1hpux
OR
hitachicosminexus_application_server_standardMatch06_50_faix
OR
hitachicosminexus_application_server_standardMatch06_51linux
OR
hitachicosminexus_application_server_standardMatch06_51linux_ipf
OR
hitachicosminexus_application_server_standardMatch06_51_b_1linux
OR
hitachicosminexus_application_server_standardMatch06_51_clinux
OR
hitachielectronic_form_workflow_-_standard_setMatch07_00linux
OR
hitachielectronic_form_workflow_-_standard_setMatch07_00_blinux
OR
hitachielectronic_form_workflow_-professional_library_setMatch07_00linux
OR
hitachielectronic_form_workflow_-professional_library_setMatch07_00_blinux
OR
hitachiucosminexus_application_server_enterpriseMatch06_70aix
OR
hitachiucosminexus_application_server_enterpriseMatch06_70solaris
OR
hitachiucosminexus_application_server_enterpriseMatch06_70_aaix
OR
hitachiucosminexus_application_server_enterpriseMatch06_70_asolaris
OR
hitachiucosminexus_application_server_enterpriseMatch06_70_baix
OR
hitachiucosminexus_application_server_enterpriseMatch06_70_bhpux_ipf
OR
hitachiucosminexus_application_server_enterpriseMatch06_70_blinux_ipf
OR
hitachiucosminexus_application_server_enterpriseMatch06_70_bsolaris
OR
hitachiucosminexus_application_server_enterpriseMatch06_70_b_1linux
OR
hitachiucosminexus_application_server_enterpriseMatch06_70_daix
OR
hitachiucosminexus_application_server_enterpriseMatch06_70_ghpux_ipf
OR
hitachiucosminexus_application_server_enterpriseMatch06_71linux
OR
hitachiucosminexus_application_server_enterpriseMatch06_71_bhpux
OR
hitachiucosminexus_application_server_enterpriseMatch06_71_blinux
OR
hitachiucosminexus_application_server_enterpriseMatch06_71_csolaris
OR
hitachiucosminexus_application_server_enterpriseMatch06_72_1hpux
OR
hitachiucosminexus_application_server_enterpriseMatch06_72_blinux
OR
hitachiucosminexus_application_server_enterpriseMatch06_72_blinux_ipf
OR
hitachiucosminexus_application_server_enterpriseMatch06_72_ghpux_ipf
OR
hitachiucosminexus_application_server_enterpriseMatch07-00-01linux
OR
hitachiucosminexus_application_server_enterpriseMatch07_00aix
OR
hitachiucosminexus_application_server_enterpriseMatch07_00hpux_ipf
OR
hitachiucosminexus_application_server_enterpriseMatch07_00linux
OR
hitachiucosminexus_application_server_enterpriseMatch07_00solaris
OR
hitachiucosminexus_application_server_enterpriseMatch07_00_12hpux_ipf
OR
hitachiucosminexus_application_server_enterpriseMatch07_10aix
OR
hitachiucosminexus_application_server_enterpriseMatch07_10hpux
OR
hitachiucosminexus_application_server_enterpriseMatch07_10hpux_ipf
OR
hitachiucosminexus_application_server_enterpriseMatch07_10linux
OR
hitachiucosminexus_application_server_enterpriseMatch07_10linux_ipf
OR
hitachiucosminexus_application_server_enterpriseMatch07_10_1linux_ipf
OR
hitachiucosminexus_application_server_enterpriseMatch07_10_06linux_ipf
OR
hitachiucosminexus_application_server_enterpriseMatch07_10_08hpux_ipf
OR
hitachiucosminexus_application_server_standardMatch06_70solaris
OR
hitachiucosminexus_application_server_standardMatch06_70_aaix
OR
hitachiucosminexus_application_server_standardMatch06_70_asolaris
OR
hitachiucosminexus_application_server_standardMatch06_70_baix
OR
hitachiucosminexus_application_server_standardMatch06_70_bhpux
OR
hitachiucosminexus_application_server_standardMatch06_70_blinux_ipf
OR
hitachiucosminexus_application_server_standardMatch06_70_bsolaris
OR
hitachiucosminexus_application_server_standardMatch06_70_b_1linux
OR
hitachiucosminexus_application_server_standardMatch06_70_csolaris
OR
hitachiucosminexus_application_server_standardMatch06_70_daix
OR
hitachiucosminexus_application_server_standardMatch06_71linux
OR
hitachiucosminexus_application_server_standardMatch06_71_blinux
OR
hitachiucosminexus_application_server_standardMatch06_72_1hpux
OR
hitachiucosminexus_application_server_standardMatch06_72_b_1linux
OR
hitachiucosminexus_application_server_standardMatch06_72_csolaris
OR
hitachiucosminexus_application_server_standardMatch06_72_daix
OR
hitachiucosminexus_application_server_standardMatch06_72_ghpux_ipf
OR
hitachiucosminexus_application_server_standardMatch07_00aix
OR
hitachiucosminexus_application_server_standardMatch07_00hpux_ipf
OR
hitachiucosminexus_application_server_standardMatch07_00linux
OR
hitachiucosminexus_application_server_standardMatch07_00solaris
OR
hitachiucosminexus_application_server_standardMatch07_00_1linux
OR
hitachiucosminexus_application_server_standardMatch07_10hpux
OR
hitachiucosminexus_application_server_standardMatch07_10hpux_ipf
OR
hitachiucosminexus_application_server_standardMatch07_10linux
OR
hitachiucosminexus_application_server_standardMatch07_10linux_ipf
OR
hitachiucosminexus_service_platformMatch07_00linux
OR
hitachiucosminexus_service_platformMatch07_10aix
OR
hitachiucosminexus_service_platformMatch07_10linux
CPENameOperatorVersion
hitachi:cosminexus_application_server_enterprisehitachi cosminexus application server enterpriseeq06_50
hitachi:cosminexus_application_server_enterprisehitachi cosminexus application server enterpriseeq06_50_b
hitachi:cosminexus_application_server_enterprisehitachi cosminexus application server enterpriseeq06_50_c
hitachi:cosminexus_application_server_enterprisehitachi cosminexus application server enterpriseeq06_50_c_1
hitachi:cosminexus_application_server_enterprisehitachi cosminexus application server enterpriseeq06_50_e_1
hitachi:cosminexus_application_server_enterprisehitachi cosminexus application server enterpriseeq06_50_f
hitachi:cosminexus_application_server_enterprisehitachi cosminexus application server enterpriseeq06_51
hitachi:cosminexus_application_server_enterprisehitachi cosminexus application server enterpriseeq06_51_b_1
hitachi:cosminexus_application_server_enterprisehitachi cosminexus application server enterpriseeq06_51_c
hitachi:cosminexus_application_server_standardhitachi cosminexus application server standardeq06_50
Rows per page:
1-10 of 591

Related

prion 1
cvelist 1
nvd 1
prion
prion
Code injection
2007-08-28 01:17:00
cvelist
cvelist
CVE-2007-4564
2007-08-28 01:00:00
nvd
nvd
CVE-2007-4564
2007-08-28 01:17:00

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CVE-2007-4564
prion1cvelist1nvd1