All the vulnerabilites related to Hitachi, Ltd - uCosminexus Developer Light
jvndb-2016-008607
Vulnerability from jvndb
Published
2017-06-30 15:55
Modified
2019-07-25 14:14
Severity ?
Summary
Vulnerability in Cosminexus HTTP Server and Hitachi Web Server
Details
A vulnerability (CVE-2016-8743) exists in Cosminexus HTTP Server and Hitachi Web Server.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-008607.html", "dc:date": "2019-07-25T14:14+09:00", "dcterms:issued": "2017-06-30T15:55+09:00", "dcterms:modified": "2019-07-25T14:14+09:00", "description": "A vulnerability (CVE-2016-8743) exists in Cosminexus HTTP Server and Hitachi Web Server.", "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-008607.html", "sec:cpe": [ { "#text": "cpe:/a:apache:http_server", "@product": "Apache HTTP Server", "@vendor": "Apache Software Foundation", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_http_server", "@product": "Cosminexus HTTP Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:hitachi_application_server", "@product": "Hitachi Application Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:hitachi_application_server_for_developers", "@product": "Hitachi Application Server for Developers", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:hitachi_web_server", "@product": "Hitachi Web Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:it_operations_director", "@product": "Hitachi IT Operations Director", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:job_management_partner_1%2Fit_desktop_management", "@product": "Job Management Partner 1/IT Desktop Management", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:job_management_partner_1%2Fit_desktop_management-manager", "@product": "Job Management Partner 1/IT Desktop Management - Manager", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:job_management_partner_1_integrated_management", "@product": "Job Management Partner 1/Integrated Management", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:job_management_partner_1_performance_management_web_console", "@product": "Job Management Partner 1/Performance Management - Web Console", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:jp1%2fautomatic_operation", "@product": "JP1/Automatic Operation", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:jp1%2Fit_desktop_management-manager", "@product": "JP1/IT Desktop Management - Manager", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:jp1%2fperformance_management", "@product": "JP1/Performance Management", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:jp1_automatic_job_management_system_3", "@product": "JP1/Automatic Job Management System 3", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:jp1_integrated_management", "@product": "JP1/Integrated Management", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:jp1_it_desktop_management", "@product": "JP1/IT Desktop Management", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:jp1_operation_analytics", "@product": "JP1/Operations Analytics", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:jp1_service_support", "@product": "JP1/Service Support", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server", "@product": "uCosminexus Application Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise", "@product": "uCosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition", "@product": "uCosminexus Application Server Smart Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard", "@product": "uCosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_light", "@product": "uCosminexus Developer Light", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_standard", "@product": "uCosminexus Developer Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_primary_server", "@product": "uCosminexus Primary Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_architect", "@product": "uCosminexus Service Architect", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_platform", "@product": "uCosminexus Service Platform", "@vendor": "Hitachi, Ltd", "@version": "2.2" } ], "sec:cvss": [ { "@score": "4.3", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "@version": "2.0" }, { "@score": "4.0", "@severity": "Medium", "@type": "Base", "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", "@version": "3.0" } ], "sec:identifier": "JVNDB-2016-008607", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743", "@id": "CVE-2016-8743", "@source": "CVE" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975", "@id": "CVE-2016-4975", "@source": "CVE" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-8743", "@id": "CVE-2016-8743", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-4975", "@id": "CVE-2016-4975", "@source": "NVD" }, { "#text": "https://cwe.mitre.org/data/definitions/19.html", "@id": "CWE-19", "@title": "Data Handling(CWE-19)" } ], "title": "Vulnerability in Cosminexus HTTP Server and Hitachi Web Server" }
jvndb-2005-000601
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2014-05-22 18:04
Summary
OpenSSL version rollback vulnerability
Details
OpenSSL from OpenSSL Project contains a version rollback vulnerability. If a specific option is used on a server running OpenSSL, an attacker can force the client and the server to negotiate the SSL 2.0 protocol even if these parties both request TLS 1.0 protocol by crafting an attack on the communication path.
RFC 2246, defining the TLS protocol, defines that when TLS 1.0 is available, SSL 2.0 should not be used in order to avoid version rollback attacks.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000601.html", "dc:date": "2014-05-22T18:04+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2014-05-22T18:04+09:00", "description": "OpenSSL from OpenSSL Project contains a version rollback vulnerability. If a specific option is used on a server running OpenSSL, an attacker can force the client and the server to negotiate the SSL 2.0 protocol even if these parties both request TLS 1.0 protocol by crafting an attack on the communication path.\r\n\r\nRFC 2246, defining the TLS protocol, defines that when TLS 1.0 is available, SSL 2.0 should not be used in order to avoid version rollback attacks.", "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000601.html", "sec:cpe": [ { "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise", "@product": "Cosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_standard", "@product": "Cosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5", "@product": "Cosminexus Application Server Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6", "@product": "Cosminexus Developer Light Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6", "@product": "Cosminexus Developer Professional Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6", "@product": "Cosminexus Developer Standard Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_version_5", "@product": "Cosminexus Developer Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition", "@product": "Cosminexus Server - Enterprise Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition", "@product": "Cosminexus Server - Standard Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4", "@product": "Cosminexus Server - Standard Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition", "@product": "Cosminexus Server - Web Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4", "@product": "Cosminexus Server - Web Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:hitachi_web_server", "@product": "Hitachi Web Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise", "@product": "uCosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition", "@product": "uCosminexus Application Server Smart Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard", "@product": "uCosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_light", "@product": "uCosminexus Developer Light", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_standard", "@product": "uCosminexus Developer Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_architect", "@product": "uCosminexus Service Architect", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_platform", "@product": "uCosminexus Service Platform", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:openssl:openssl", "@product": "OpenSSL", "@vendor": "OpenSSL Project", "@version": "2.2" }, { "#text": "cpe:/a:trendmicro:interscan_messaging_security_suite", "@product": "InterScan Messaging Security Suite", "@vendor": "Trend Micro, Inc.", "@version": "2.2" }, { "#text": "cpe:/a:trendmicro:interscan_viruswall", "@product": "TrendMicro InterScan VirusWall", "@vendor": "Trend Micro, Inc.", "@version": "2.2" }, { "#text": "cpe:/a:trendmicro:interscan_web_security_suite", "@product": "TrendMicro InterScan Web Security Suite", "@vendor": "Trend Micro, Inc.", "@version": "2.2" }, { "#text": "cpe:/h:fujitsu:fmse-c301", "@product": "FMSE-C301", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/h:fujitsu:ipcom", "@product": "IPCOM Series", "@vendor": "FUJITSU", "@version": "2.2" }, { "#text": "cpe:/o:hp:hp-ux", "@product": "HP-UX", "@vendor": "Hewlett-Packard Development Company,L.P", "@version": "2.2" }, { "#text": "cpe:/o:misc:miraclelinux_asianux_server", "@product": "Asianux Server", "@vendor": "Cybertrust Japan Co., Ltd.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux", "@product": "Red Hat Enterprise Linux", "@vendor": "Red Hat, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:linux_advanced_workstation", "@product": "Red Hat Linux Advanced Workstation", "@vendor": "Red Hat, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:sun:solaris", "@product": "Sun Solaris", "@vendor": "Sun Microsystems, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_appliance_server", "@product": "Turbolinux Appliance Server", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_fuji", "@product": "Turbolinux FUJI", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_multimedia", "@product": "Turbolinux Multimedia", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_personal", "@product": "Turbolinux Personal", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_server", "@product": "Turbolinux Server", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_wizpy", "@product": "wizpy", "@vendor": "Turbolinux, Inc.", "@version": "2.2" } ], "sec:cvss": { "@score": "2.6", "@severity": "Low", "@type": "Base", "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2005-000601", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN23632449/index.html", "@id": "JVN#23632449", "@source": "JVN" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2969", "@id": "CVE-2005-2969", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-2969", "@id": "CVE-2005-2969", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/17151/", "@id": "SA17151", "@source": "SECUNIA" }, { "#text": "http://www.securityfocus.com/bid/15071", "@id": "15071", "@source": "BID" }, { "#text": "http://www.securiteam.com/securitynews/6Y00D0AEBW.html", "@id": "6Y00D0AEBW", "@source": "SECTEAM" }, { "#text": "http://www.frsirt.com/english/advisories/2005/2036", "@id": "FrSIRT/ADV-2005-2036", "@source": "FRSIRT" } ], "title": "OpenSSL version rollback vulnerability" }
jvndb-2009-001741
Vulnerability from jvndb
Published
2009-07-14 10:17
Modified
2014-05-21 18:16
Summary
Hitachi Web Server Vulnerability in SSL Client Authentication
Details
Hitachi Web Server contains a vulnerability in handling SSL client
certificates, which could allow an attacker to manipulate environment
variables and/or spoof the client to access Web servers.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001741.html", "dc:date": "2014-05-21T18:16+09:00", "dcterms:issued": "2009-07-14T10:17+09:00", "dcterms:modified": "2014-05-21T18:16+09:00", "description": "Hitachi Web Server contains a vulnerability in handling SSL client\r\ncertificates, which could allow an attacker to manipulate environment\r\nvariables and/or spoof the client to access Web servers.", "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001741.html", "sec:cpe": [ { "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise", "@product": "Cosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_standard", "@product": "Cosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5", "@product": "Cosminexus Application Server Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6", "@product": "Cosminexus Developer Light Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6", "@product": "Cosminexus Developer Professional Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6", "@product": "Cosminexus Developer Standard Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_version_5", "@product": "Cosminexus Developer Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4", "@product": "Cosminexus Server - Standard Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4", "@product": "Cosminexus Server - Web Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:hitachi_web_server", "@product": "Hitachi Web Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise", "@product": "uCosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard", "@product": "uCosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_light", "@product": "uCosminexus Developer Light", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_standard", "@product": "uCosminexus Developer Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_architect", "@product": "uCosminexus Service Architect", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_platform", "@product": "uCosminexus Service Platform", "@vendor": "Hitachi, Ltd", "@version": "2.2" } ], "sec:cvss": { "@score": "4.0", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2009-001741", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0555", "@id": "CVE-2008-0555", "@source": "CVE" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0555", "@id": "CVE-2008-0555", "@source": "NVD" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-noinfo", "@title": "No Mapping(CWE-noinfo)" } ], "title": "Hitachi Web Server Vulnerability in SSL Client Authentication" }
jvndb-2006-000992
Vulnerability from jvndb
Published
2009-02-04 17:42
Modified
2014-05-22 18:03
Summary
Multiple Vulnerabilities Concerning Hitachi Web Server
Details
Hitachi Web Server has vulnerabilities listed below:
1. A vulnerability that allows to roll back the Open SSL version when using the SSL.
2. Cross-site scripting vulnerability in contents created automatically by the Hitachi Web Server.
3. Cross-site scripting vulnerability due to inadequate processing of the Expect header.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000992.html", "dc:date": "2014-05-22T18:03+09:00", "dcterms:issued": "2009-02-04T17:42+09:00", "dcterms:modified": "2014-05-22T18:03+09:00", "description": "Hitachi Web Server has vulnerabilities listed below:\r\n\r\n1. A vulnerability that allows to roll back the Open SSL version when using the SSL.\r\n\r\n2. Cross-site scripting vulnerability in contents created automatically by the Hitachi Web Server.\r\n\r\n3. Cross-site scripting vulnerability due to inadequate processing of the Expect header.", "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000992.html", "sec:cpe": [ { "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise", "@product": "Cosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_standard", "@product": "Cosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5", "@product": "Cosminexus Application Server Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6", "@product": "Cosminexus Developer Light Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6", "@product": "Cosminexus Developer Professional Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6", "@product": "Cosminexus Developer Standard Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_version_5", "@product": "Cosminexus Developer Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition", "@product": "Cosminexus Server - Enterprise Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition", "@product": "Cosminexus Server - Standard Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4", "@product": "Cosminexus Server - Standard Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition", "@product": "Cosminexus Server - Web Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4", "@product": "Cosminexus Server - Web Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:hitachi_web_server", "@product": "Hitachi Web Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise", "@product": "uCosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition", "@product": "uCosminexus Application Server Smart Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard", "@product": "uCosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_light", "@product": "uCosminexus Developer Light", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_standard", "@product": "uCosminexus Developer Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_architect", "@product": "uCosminexus Service Architect", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_platform", "@product": "uCosminexus Service Platform", "@vendor": "Hitachi, Ltd", "@version": "2.2" } ], "sec:cvss": { "@score": "5.0", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2006-000992", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2969", "@id": "CVE-2005-2969", "@source": "CVE" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352", "@id": "CVE-2005-3352", "@source": "CVE" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3918", "@id": "CVE-2006-3918", "@source": "CVE" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0514", "@id": "CVE-2007-0514", "@source": "CVE" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2969", "@id": "CVE-2005-2969", "@source": "NVD" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3352", "@id": "CVE-2005-3352", "@source": "NVD" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3918", "@id": "CVE-2006-3918", "@source": "NVD" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0514", "@id": "CVE-2007-0514", "@source": "NVD" }, { "#text": "http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000992.html", "@id": "JVNDB-2006-000992", "@source": "JVNDB_Ja" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-79", "@title": "Cross-site Scripting(CWE-79)" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-noinfo", "@title": "No Mapping(CWE-noinfo)" } ], "title": "Multiple Vulnerabilities Concerning Hitachi Web Server" }
jvndb-2007-000772
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2014-05-23 18:32
Summary
Hitachi Web Server SSL Client Authentication Vulnerability
Details
Hitachi Web Server accepts an SSL certificate sent by a clinet trying to connect to the Server even if the certificate is fraudulent.
The vulnerability does not affect the product if the SSL authenticaton client feature is disabled.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000772.html", "dc:date": "2014-05-23T18:32+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2014-05-23T18:32+09:00", "description": "Hitachi Web Server accepts an SSL certificate sent by a clinet trying to connect to the Server even if the certificate is fraudulent.\r\n\r\nThe vulnerability does not affect the product if the SSL authenticaton client feature is disabled.", "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000772.html", "sec:cpe": [ { "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise", "@product": "Cosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_standard", "@product": "Cosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5", "@product": "Cosminexus Application Server Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6", "@product": "Cosminexus Developer Light Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6", "@product": "Cosminexus Developer Professional Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6", "@product": "Cosminexus Developer Standard Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_version_5", "@product": "Cosminexus Developer Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition", "@product": "Cosminexus Server - Enterprise Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition", "@product": "Cosminexus Server - Standard Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4", "@product": "Cosminexus Server - Standard Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition", "@product": "Cosminexus Server - Web Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4", "@product": "Cosminexus Server - Web Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:hitachi_web_server", "@product": "Hitachi Web Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise", "@product": "uCosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard", "@product": "uCosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_light", "@product": "uCosminexus Developer Light", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_standard", "@product": "uCosminexus Developer Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_architect", "@product": "uCosminexus Service Architect", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_platform", "@product": "uCosminexus Service Platform", "@vendor": "Hitachi, Ltd", "@version": "2.2" } ], "sec:cvss": { "@score": "5.0", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2007-000772", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5810", "@id": "CVE-2007-5810", "@source": "CVE" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339", "@id": "CVE-2006-4339", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5810", "@id": "CVE-2007-5810", "@source": "NVD" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4339", "@id": "CVE-2006-4339", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/27421", "@id": "SA27421", "@source": "SECUNIA" }, { "#text": "http://xforce.iss.net/xforce/xfdb/28755", "@id": "28755", "@source": "XF" }, { "#text": "http://www.frsirt.com/english/advisories/2007/3666", "@id": "FrSIRT/ADV-2007-3666", "@source": "FRSIRT" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-20", "@title": "Improper Input Validation(CWE-20)" } ], "title": "Hitachi Web Server SSL Client Authentication Vulnerability" }
jvndb-2005-000727
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2014-05-22 18:03
Summary
mod_imap cross-site scripting vulnerability
Details
The "mod_imap" and "mod_imagemap" modules of the Apache HTTP Server are used for implementing server-side image map processing.
mod_imap and mod_imagemap are affected by a cross-site scripting vulnerability when referer values are used in an image map in such a way that they do not handle HTTP_REFERER properly.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000727.html", "dc:date": "2014-05-22T18:03+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2014-05-22T18:03+09:00", "description": "The \"mod_imap\" and \"mod_imagemap\" modules of the Apache HTTP Server are used for implementing server-side image map processing.\r\nmod_imap and mod_imagemap are affected by a cross-site scripting vulnerability when referer values are used in an image map in such a way that they do not handle HTTP_REFERER properly.", "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000727.html", "sec:cpe": [ { "#text": "cpe:/a:apache:http_server", "@product": "Apache HTTP Server", "@vendor": "Apache Software Foundation", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise", "@product": "Cosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_standard", "@product": "Cosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5", "@product": "Cosminexus Application Server Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6", "@product": "Cosminexus Developer Light Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6", "@product": "Cosminexus Developer Professional Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6", "@product": "Cosminexus Developer Standard Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_version_5", "@product": "Cosminexus Developer Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition", "@product": "Cosminexus Server - Enterprise Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition", "@product": "Cosminexus Server - Standard Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4", "@product": "Cosminexus Server - Standard Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition", "@product": "Cosminexus Server - Web Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4", "@product": "Cosminexus Server - Web Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:hitachi_web_server", "@product": "Hitachi Web Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise", "@product": "uCosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition", "@product": "uCosminexus Application Server Smart Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard", "@product": "uCosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_light", "@product": "uCosminexus Developer Light", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_standard", "@product": "uCosminexus Developer Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_architect", "@product": "uCosminexus Service Architect", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_platform", "@product": "uCosminexus Service Platform", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:ibm:http_server", "@product": "IBM HTTP Server", "@vendor": "IBM Corporation", "@version": "2.2" }, { "#text": "cpe:/a:oracle:http_server", "@product": "Oracle HTTP Server", "@vendor": "Oracle Corporation", "@version": "2.2" }, { "#text": "cpe:/o:apple:mac_os_x", "@product": "Apple Mac OS X", "@vendor": "Apple Inc.", "@version": "2.2" }, { "#text": "cpe:/o:apple:mac_os_x_server", "@product": "Apple Mac OS X Server", "@vendor": "Apple Inc.", "@version": "2.2" }, { "#text": "cpe:/o:hp:hp-ux", "@product": "HP-UX", "@vendor": "Hewlett-Packard Development Company,L.P", "@version": "2.2" }, { "#text": "cpe:/o:misc:miraclelinux_asianux_server", "@product": "Asianux Server", "@vendor": "Cybertrust Japan Co., Ltd.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:enterprise_linux", "@product": "Red Hat Enterprise Linux", "@vendor": "Red Hat, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:redhat:linux_advanced_workstation", "@product": "Red Hat Linux Advanced Workstation", "@vendor": "Red Hat, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:sun:solaris", "@product": "Sun Solaris", "@vendor": "Sun Microsystems, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux", "@product": "Turbolinux", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_desktop", "@product": "Turbolinux Desktop", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_fuji", "@product": "Turbolinux FUJI", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_home", "@product": "Turbolinux Home", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_multimedia", "@product": "Turbolinux Multimedia", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_personal", "@product": "Turbolinux Personal", "@vendor": "Turbolinux, Inc.", "@version": "2.2" }, { "#text": "cpe:/o:turbolinux:turbolinux_server", "@product": "Turbolinux Server", "@vendor": "Turbolinux, Inc.", "@version": "2.2" } ], "sec:cvss": { "@score": "4.3", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2005-000727", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN06045169/index.html", "@id": "JVN#06045169", "@source": "JVN" }, { "#text": "https://jvn.jp/en/tr/TRTA08-079A/index.html", "@id": "TRTA08-079A", "@source": "JVNTR" }, { "#text": "https://jvn.jp/en/tr/TRTA08-150A/index.html", "@id": "TRTA08-150A", "@source": "JVNTR" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352", "@id": "CVE-2005-3352", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-3352", "@id": "CVE-2005-3352", "@source": "NVD" }, { "#text": "http://www.us-cert.gov/cas/alerts/SA08-079A.html", "@id": "SA08-079A", "@source": "CERT-SA" }, { "#text": "http://www.us-cert.gov/cas/alerts/SA08-150A.html", "@id": "SA08-150A", "@source": "CERT-SA" }, { "#text": "http://www.us-cert.gov/cas/techalerts/TA08-079A.html", "@id": "TA08-079A", "@source": "CERT-TA" }, { "#text": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html", "@id": "TA08-150A", "@source": "CERT-TA" }, { "#text": "http://www.securityfocus.com/bid/15834", "@id": "15834", "@source": "BID" } ], "title": "mod_imap cross-site scripting vulnerability" }
jvndb-2012-000079
Vulnerability from jvndb
Published
2012-08-30 13:57
Modified
2014-05-23 18:34
Summary
Adobe Reader fails to properly handle signatures
Details
Adobe Reader fails to properly handle RSA signatures.
Adobe Reader contains an issue where it may fail to properly verify RSA signatures.
Masahiko Takenaka of FUJITSU LABORATORIES LTD. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
▼ | Type | URL |
---|---|---|
JVN | https://jvn.jp/en/jp/JVN51615542/index.html | |
CVE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 | |
NVD | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4339 | |
CERT-VN | http://www.kb.cert.org/vuls/id/845620 | |
Credentials Management(CWE-255) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000079.html", "dc:date": "2014-05-23T18:34+09:00", "dcterms:issued": "2012-08-30T13:57+09:00", "dcterms:modified": "2014-05-23T18:34+09:00", "description": "Adobe Reader fails to properly handle RSA signatures.\r\n\r\nAdobe Reader contains an issue where it may fail to properly verify RSA signatures.\r\n\r\nMasahiko Takenaka of FUJITSU LABORATORIES LTD. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.", "link": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000079.html", "sec:cpe": [ { "#text": "cpe:/a:adobe:acrobat_reader", "@product": "Adobe Reader", "@vendor": "Adobe Inc.", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise", "@product": "Cosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_standard", "@product": "Cosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5", "@product": "Cosminexus Application Server Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6", "@product": "Cosminexus Developer Light Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6", "@product": "Cosminexus Developer Professional Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6", "@product": "Cosminexus Developer Standard Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_version_5", "@product": "Cosminexus Developer Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition", "@product": "Cosminexus Server - Enterprise Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition", "@product": "Cosminexus Server - Standard Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4", "@product": "Cosminexus Server - Standard Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition", "@product": "Cosminexus Server - Web Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4", "@product": "Cosminexus Server - Web Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:hitachi_web_server", "@product": "Hitachi Web Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise", "@product": "uCosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard", "@product": "uCosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_light", "@product": "uCosminexus Developer Light", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_standard", "@product": "uCosminexus Developer Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_architect", "@product": "uCosminexus Service Architect", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_platform", "@product": "uCosminexus Service Platform", "@vendor": "Hitachi, Ltd", "@version": "2.2" } ], "sec:cvss": { "@score": "5.0", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2012-000079", "sec:references": [ { "#text": "https://jvn.jp/en/jp/JVN51615542/index.html", "@id": "JVN#51615542", "@source": "JVN" }, { "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339", "@id": "CVE-2006-4339", "@source": "CVE" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4339", "@id": "CVE-2006-4339", "@source": "NVD" }, { "#text": "http://www.kb.cert.org/vuls/id/845620", "@id": "US-CERT Vulnerability Note VU#845620", "@source": "CERT-VN" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-255", "@title": "Credentials Management(CWE-255)" } ], "title": "Adobe Reader fails to properly handle signatures" }
jvndb-2013-001321
Vulnerability from jvndb
Published
2013-02-12 14:24
Modified
2013-02-12 14:24
Summary
User Authentication Vulnerability in Operational Management Function of Cosminexus
Details
The operational management function of Cosminexus does not properly require authentication for manipulation of an operational management portal, which allows remote attackers to delete and replace applications which other users attached.
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-001321.html", "dc:date": "2013-02-12T14:24+09:00", "dcterms:issued": "2013-02-12T14:24+09:00", "dcterms:modified": "2013-02-12T14:24+09:00", "description": "The operational management function of Cosminexus does not properly require authentication for manipulation of an operational management portal, which allows remote attackers to delete and replace applications which other users attached.", "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-001321.html", "sec:cpe": [ { "#text": "cpe:/a:hitachi:cosminexus_component_container", "@product": "Cosminexus Component Container", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server", "@product": "uCosminexus Application Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise", "@product": "uCosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition", "@product": "uCosminexus Application Server Smart Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard", "@product": "uCosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_light", "@product": "uCosminexus Developer Light", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_standard", "@product": "uCosminexus Developer Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_architect", "@product": "uCosminexus Service Architect", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_platform", "@product": "uCosminexus Service Platform", "@vendor": "Hitachi, Ltd", "@version": "2.2" } ], "sec:cvss": { "@score": "6.8", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "@version": "2.0" }, "sec:identifier": "JVNDB-2013-001321", "sec:references": { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-287", "@title": "Improper Authentication(CWE-287)" }, "title": "User Authentication Vulnerability in Operational Management Function of Cosminexus" }
jvndb-2013-005669
Vulnerability from jvndb
Published
2013-12-25 19:13
Modified
2013-12-25 19:13
Summary
Xml eXternal Entity Vulnerability in Hitachi Cosminexus
Details
When using Cosminexus JAX-WS, XXE (Xml eXternal Entity) in Hitachi Cosminexus Component Container contains a vulnerability that may cause information leakage.
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-005669.html", "dc:date": "2013-12-25T19:13+09:00", "dcterms:issued": "2013-12-25T19:13+09:00", "dcterms:modified": "2013-12-25T19:13+09:00", "description": "When using Cosminexus JAX-WS, XXE (Xml eXternal Entity) in Hitachi Cosminexus Component Container contains a vulnerability that may cause information leakage.", "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-005669.html", "sec:cpe": [ { "#text": "cpe:/a:hitachi:cosminexus_component_container", "@product": "Cosminexus Component Container", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server", "@product": "uCosminexus Application Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise", "@product": "uCosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition", "@product": "uCosminexus Application Server Smart Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard", "@product": "uCosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_light", "@product": "uCosminexus Developer Light", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_standard", "@product": "uCosminexus Developer Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_architect", "@product": "uCosminexus Service Architect", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_platform", "@product": "uCosminexus Service Platform", "@vendor": "Hitachi, Ltd", "@version": "2.2" } ], "sec:cvss": { "@score": "2.6", "@severity": "Low", "@type": "Base", "@vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2013-005669", "sec:references": { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-200", "@title": "Information Exposure(CWE-200)" }, "title": "Xml eXternal Entity Vulnerability in Hitachi Cosminexus" }
jvndb-2007-000773
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2014-05-21 18:27
Summary
Hitachi Web Server Cross-Site Scripting Vulnerability with Server-Status Page
Details
When Hitachi Web Server receives a request that contains malicious scripts, they are inserted into the server-satus page the Server automatically creates. This allows the inserted malicious scripts to be executed on the client machines.
The vulnerability does not affect the product if the server-status reporting feature is disabled.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000773.html", "dc:date": "2014-05-21T18:27+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2014-05-21T18:27+09:00", "description": "When Hitachi Web Server receives a request that contains malicious scripts, they are inserted into the server-satus page the Server automatically creates. This allows the inserted malicious scripts to be executed on the client machines.\r\n\r\nThe vulnerability does not affect the product if the server-status reporting feature is disabled.", "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000773.html", "sec:cpe": [ { "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise", "@product": "Cosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_standard", "@product": "Cosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5", "@product": "Cosminexus Application Server Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6", "@product": "Cosminexus Developer Light Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6", "@product": "Cosminexus Developer Professional Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6", "@product": "Cosminexus Developer Standard Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_version_5", "@product": "Cosminexus Developer Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition", "@product": "Cosminexus Server - Enterprise Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition", "@product": "Cosminexus Server - Standard Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4", "@product": "Cosminexus Server - Standard Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition", "@product": "Cosminexus Server - Web Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4", "@product": "Cosminexus Server - Web Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:hitachi_web_server", "@product": "Hitachi Web Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise", "@product": "uCosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard", "@product": "uCosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_light", "@product": "uCosminexus Developer Light", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_standard", "@product": "uCosminexus Developer Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_architect", "@product": "uCosminexus Service Architect", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_platform", "@product": "uCosminexus Service Platform", "@vendor": "Hitachi, Ltd", "@version": "2.2" } ], "sec:cvss": { "@score": "4.3", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2007-000773", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5809", "@id": "CVE-2007-5809", "@source": "CVE" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752", "@id": "CVE-2006-5752", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5809", "@id": "CVE-2007-5809", "@source": "NVD" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5752", "@id": "CVE-2006-5752", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/27421", "@id": "SA27421", "@source": "SECUNIA" }, { "#text": "http://www.frsirt.com/english/advisories/2007/3666", "@id": "FrSIRT/ADV-2007-3666", "@source": "FRSIRT" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-79", "@title": "Cross-site Scripting(CWE-79)" } ], "title": "Hitachi Web Server Cross-Site Scripting Vulnerability with Server-Status Page" }
jvndb-2008-001513
Vulnerability from jvndb
Published
2008-07-30 13:45
Modified
2014-05-21 18:19
Summary
Cross-Site Scripting Vulnerability in Hitachi Web Server Status Information Display Function
Details
A cross-site scripting vulnerability has been found with the Status Information Display function of Hitachi Web Server.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-001513.html", "dc:date": "2014-05-21T18:19+09:00", "dcterms:issued": "2008-07-30T13:45+09:00", "dcterms:modified": "2014-05-21T18:19+09:00", "description": "A cross-site scripting vulnerability has been found with the Status Information Display function of Hitachi Web Server.", "link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-001513.html", "sec:cpe": [ { "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise", "@product": "Cosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_standard", "@product": "Cosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5", "@product": "Cosminexus Application Server Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6", "@product": "Cosminexus Developer Light Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6", "@product": "Cosminexus Developer Professional Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6", "@product": "Cosminexus Developer Standard Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_version_5", "@product": "Cosminexus Developer Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition", "@product": "Cosminexus Server - Enterprise Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition", "@product": "Cosminexus Server - Standard Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4", "@product": "Cosminexus Server - Standard Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition", "@product": "Cosminexus Server - Web Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4", "@product": "Cosminexus Server - Web Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:hitachi_web_server", "@product": "Hitachi Web Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise", "@product": "uCosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard", "@product": "uCosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_light", "@product": "uCosminexus Developer Light", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_standard", "@product": "uCosminexus Developer Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_architect", "@product": "uCosminexus Service Architect", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_platform", "@product": "uCosminexus Service Platform", "@vendor": "Hitachi, Ltd", "@version": "2.2" } ], "sec:cvss": { "@score": "4.3", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2008-001513", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388", "@id": "CVE-2007-6388", "@source": "CVE" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6388", "@id": "CVE-2007-6388", "@source": "NVD" }, { "#text": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001513.html", "@id": "JVNDB-2008-001513", "@source": "JVNDB_Ja" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-79", "@title": "Cross-site Scripting(CWE-79)" } ], "title": "Cross-Site Scripting Vulnerability in Hitachi Web Server Status Information Display Function" }