2 matches found
CVE-2007-5810
Hitachi Web Server versions 01-00 to 03-00-01 (as used by Cosminexus) do not properly validate SSL client certificates, allowing remote attackers to spoof authentication with a forged certificate. The vulnerability is mitigated if SSL client authentication is disabled; no explicit patch/version i...
CVE-2007-5809
The CVE-2007-5809 entry describes a cross-site scripting (XSS) vulnerability in Hitachi Web Server versions 01-00 through 03-10 (as used by certain Cosminexus products). The issue arises when an attacker sends HTTP requests that trigger the server’s automatic creation of a server-status page, all...