Lucene search

[email protected]CVE-2007-5810

HistoryNov 05, 2007 - 5:46 p.m.

CVE-2007-5810

2007-11-0517:46:00

CWE-20

[email protected]

web.nvd.nist.gov

hitachi web server

ssl validation

authentication spoofing

cve-2007-5810

nvd

7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

75.4%

JSON

Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature.

CPENameOperatorVersion
hitachi:web_serverhitachi web servereq02_02
hitachi:ucosminexus_application_server_standardhitachi ucosminexus application server standardle07_50_01
hitachi:ucosminexus_developer_standardhitachi ucosminexus developer standardle07_50_01
hitachi:web_serverhitachi web servereq01_02_d
hitachi:web_serverhitachi web servereq02_00
hitachi:cosminexus_application_server_enterprisehitachi cosminexus application server enterprisele06_51_j
hitachi:web_serverhitachi web servereq02_04_b
hitachi:ucosminexus_developer_lighthitachi ucosminexus developer lightle06_71_d
hitachi:cosminexus_developer_standard_version_6hitachi cosminexus developer standard version 6le06_51_j
hitachi:ucosminexus_service_platformhitachi ucosminexus service platformle07_50_01

CPE	Name	Operator	Version
hitachi:web_server	hitachi web server	eq	02_02
hitachi:ucosminexus_application_server_standard	hitachi ucosminexus application server standard	le	07_50_01
hitachi:ucosminexus_developer_standard	hitachi ucosminexus developer standard	le	07_50_01
hitachi:web_server	hitachi web server	eq	01_02_d
hitachi:web_server	hitachi web server	eq	02_00
hitachi:cosminexus_application_server_enterprise	hitachi cosminexus application server enterprise	le	06_51_j
hitachi:web_server	hitachi web server	eq	02_04_b
hitachi:ucosminexus_developer_light	hitachi ucosminexus developer light	le	06_71_d
hitachi:cosminexus_developer_standard_version_6	hitachi cosminexus developer standard version 6	le	06_51_j
hitachi:ucosminexus_service_platform	hitachi ucosminexus service platform	le	07_50_01

Rows per page:

1-10 of 251

References

osvdb.org/42026

secunia.com/advisories/27421

www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html

www.securityfocus.com/bid/26271

www.vupen.com/english/advisories/2007/3666

7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

75.4%

JSON

Related for CVE-2007-5810

prion1 cisco1