Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

JVNDB-2026-003906

Vulnerability from jvndb - Published: 2026-02-17 20:46 - Updated:2026-02-17 20:46

Summary

Multiple Vulnerabilities in Cosminexus

Details

Cosminexus Developer's Kit for Java(TM) and Hitachi Developer's Kit for Java contain the following vulnerabilities: CVE-2026-21925, CVE-2026-21932, CVE-2026-21933, CVE-2026-21945

References

Type

URL

	CVE	https://www.cve.org/CVERecord?id=CVE-2026-21925
	CVE	https://www.cve.org/CVERecord?id=CVE-2026-21932
	CVE	https://www.cve.org/CVERecord?id=CVE-2026-21933
	CVE	https://www.cve.org/CVERecord?id=CVE-2026-21945

Impacted products

Vendor

Product

	Hitachi, Ltd	Hitachi Application Server
	Hitachi, Ltd	uCosminexus Application Server(64)
	Hitachi, Ltd	Hitachi Application Server for Developers
	Hitachi, Ltd	uCosminexus Application Server-R
	Hitachi, Ltd	uCosminexus Application Runtime with Java for Apache Tomcat
	Hitachi, Ltd	uCosminexus Application Runtime with Java for Spring Boot
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Client
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Operator for Service Platform
	Hitachi, Ltd	uCosminexus Primary Server Base
	Hitachi, Ltd	uCosminexus Primary Server Base(64)
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform
	Hitachi, Ltd	uCosminexus Service Platform(64)

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-003906.html",
  "dc:date": "2026-02-17T20:46+09:00",
  "dcterms:issued": "2026-02-17T20:46+09:00",
  "dcterms:modified": "2026-02-17T20:46+09:00",
  "description": "Cosminexus Developer\u0027s Kit for Java(TM) and Hitachi Developer\u0027s Kit for Java contain the following vulnerabilities:\r\n\r\nCVE-2026-21925, CVE-2026-21932, CVE-2026-21933, CVE-2026-21945",
  "link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-003906.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server",
      "@product": "Hitachi Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server64",
      "@product": "uCosminexus Application Server(64)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server_for_developers",
      "@product": "Hitachi Application Server for Developers",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server_r",
      "@product": "uCosminexus Application Server-R",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_runtime_with_java_for_apache_tomcat",
      "@product": "uCosminexus Application Runtime with Java for Apache Tomcat",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_runtime_with_java_for_spring_boot",
      "@product": "uCosminexus Application Runtime with Java for Spring Boot",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_client",
      "@product": "uCosminexus Client",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_operator_for_service_platform",
      "@product": "uCosminexus Operator for Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server_base",
      "@product": "uCosminexus Primary Server Base",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server_base64",
      "@product": "uCosminexus Primary Server Base(64)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform_64",
      "@product": "uCosminexus Service Platform(64)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2026-003906",
  "sec:references": [
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2026-21925",
      "@id": "CVE-2026-21925",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2026-21932",
      "@id": "CVE-2026-21932",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2026-21933",
      "@id": "CVE-2026-21933",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2026-21945",
      "@id": "CVE-2026-21945",
      "@source": "CVE"
    }
  ],
  "title": "Multiple Vulnerabilities in Cosminexus"
}

JVNDB-2026-003910

Vulnerability from jvndb - Published: 2026-02-17 20:46 - Updated:2026-02-17 20:46

Summary

Multiple Vulnerabilities in Cosminexus HTTP Server

Details

Multiple vulnerabilities have been found in Cosminexus HTTP Server. CVE-2025-49630, CVE-2025-53020 These vulnerabilities does not apply if HTTP/2 protocol is disabled.

References

Type

URL

	CVE	https://www.cve.org/CVERecord?id=CVE-2025-49630
	CVE	https://www.cve.org/CVERecord?id=CVE-2025-53020

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus HTTP Server
	Hitachi, Ltd	uCosminexus Application Server-R
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Primary Server Base
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-003910.html",
  "dc:date": "2026-02-17T20:46+09:00",
  "dcterms:issued": "2026-02-17T20:46+09:00",
  "dcterms:modified": "2026-02-17T20:46+09:00",
  "description": "Multiple vulnerabilities have been found in Cosminexus HTTP Server.\r\n\r\nCVE-2025-49630, CVE-2025-53020\r\n\r\nThese vulnerabilities does not apply if HTTP/2 protocol is disabled.",
  "link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-003910.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_http_server",
      "@product": "Cosminexus HTTP Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server_r",
      "@product": "uCosminexus Application Server-R",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server_base",
      "@product": "uCosminexus Primary Server Base",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2026-003910",
  "sec:references": [
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2025-49630",
      "@id": "CVE-2025-49630",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2025-53020",
      "@id": "CVE-2025-53020",
      "@source": "CVE"
    }
  ],
  "title": "Multiple Vulnerabilities in Cosminexus HTTP Server"
}

JVNDB-2026-003912

Vulnerability from jvndb - Published: 2026-02-17 20:46 - Updated:2026-02-17 20:46

Summary

Vulnerability in Cosminexus HTTP Server and Hitachi Web Server

Details

Vulnerability has been found in Cosminexus HTTP Server and Hitachi Web Server. CVE-2024-43204

References

Type

URL

CVE

https://www.cve.org/CVERecord?id=CVE-2024-43204

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus HTTP Server
	Hitachi, Ltd	Hitachi Application Server
	Hitachi, Ltd	uCosminexus Application Server(64)
	Hitachi, Ltd	Hitachi Application Server for Developers
	Hitachi, Ltd	uCosminexus Application Server-R
	Hitachi, Ltd	Hitachi Web Server
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Primary Server Base
	Hitachi, Ltd	uCosminexus Primary Server Base(64)
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform
	Hitachi, Ltd	uCosminexus Service Platform(64)

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-003912.html",
  "dc:date": "2026-02-17T20:46+09:00",
  "dcterms:issued": "2026-02-17T20:46+09:00",
  "dcterms:modified": "2026-02-17T20:46+09:00",
  "description": "Vulnerability has been found in Cosminexus HTTP Server and Hitachi Web Server.\r\n\r\nCVE-2024-43204",
  "link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-003912.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_http_server",
      "@product": "Cosminexus HTTP Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server",
      "@product": "Hitachi Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server64",
      "@product": "uCosminexus Application Server(64)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server_for_developers",
      "@product": "Hitachi Application Server for Developers",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server_r",
      "@product": "uCosminexus Application Server-R",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_web_server",
      "@product": "Hitachi Web Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server_base",
      "@product": "uCosminexus Primary Server Base",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server_base64",
      "@product": "uCosminexus Primary Server Base(64)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform_64",
      "@product": "uCosminexus Service Platform(64)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2026-003912",
  "sec:references": {
    "#text": "https://www.cve.org/CVERecord?id=CVE-2024-43204",
    "@id": "CVE-2024-43204",
    "@source": "CVE"
  },
  "title": "Vulnerability in Cosminexus HTTP Server and Hitachi Web Server"
}

JVNDB-2026-003905

Vulnerability from jvndb - Published: 2026-02-17 20:46 - Updated:2026-02-17 20:46

Summary

Multiple Vulnerabilities in Cosminexus HTTP Server and Hitachi Web Server

Details

Multiple vulnerabilities have been found in Cosminexus HTTP Server and Hitachi Web Server. CVE-2024-42516, CVE-2024-47252 CVE-2024-47252 is not exploitable when SSL is not enabled.

References

Type

URL

	CVE	https://www.cve.org/CVERecord?id=CVE-2024-42516
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-47252

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus HTTP Server
	Hitachi, Ltd	Hitachi Application Server
	Hitachi, Ltd	uCosminexus Application Server(64)
	Hitachi, Ltd	uCosminexus Application Server Express
	Hitachi, Ltd	Hitachi Application Server for Developers
	Hitachi, Ltd	uCosminexus Application Server-R
	Hitachi, Ltd	Hitachi Web Server
	Hitachi, Ltd	Hitachi Web Server - Custom Edition
	Hitachi, Ltd	Programming Environment for Java
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Application Server Enterprise
	Hitachi, Ltd	uCosminexus Application Server Smart Edition
	Hitachi, Ltd	uCosminexus Application Server Standard
	Hitachi, Ltd	uCosminexus Application Server Standard-R
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Developer 01
	Hitachi, Ltd	uCosminexus Developer Light
	Hitachi, Ltd	uCosminexus Developer Professional
	Hitachi, Ltd	uCosminexus Developer Professional for ATM
	Hitachi, Ltd	uCosminexus Developer Professional for Plug-in
	Hitachi, Ltd	uCosminexus Developer Standard
	Hitachi, Ltd	uCosminexus Primary Server Base
	Hitachi, Ltd	uCosminexus Primary Server Base(64)
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform
	Hitachi, Ltd	uCosminexus Service Platform(64)

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-003905.html",
  "dc:date": "2026-02-17T20:46+09:00",
  "dcterms:issued": "2026-02-17T20:46+09:00",
  "dcterms:modified": "2026-02-17T20:46+09:00",
  "description": "Multiple vulnerabilities have been found in Cosminexus HTTP Server and Hitachi Web Server.\r\n\r\nCVE-2024-42516, CVE-2024-47252\r\n\r\nCVE-2024-47252 is not exploitable when SSL is not enabled.",
  "link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-003905.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_http_server",
      "@product": "Cosminexus HTTP Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server",
      "@product": "Hitachi Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server64",
      "@product": "uCosminexus Application Server(64)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server_express",
      "@product": "uCosminexus Application Server Express",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server_for_developers",
      "@product": "Hitachi Application Server for Developers",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server_r",
      "@product": "uCosminexus Application Server-R",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_web_server",
      "@product": "Hitachi Web Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_web_server-custom_edition",
      "@product": "Hitachi Web Server - Custom Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:programming_environment_for_java",
      "@product": "Programming Environment for Java",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
      "@product": "uCosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
      "@product": "uCosminexus Application Server Smart Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard",
      "@product": "uCosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard-r",
      "@product": "uCosminexus Application Server Standard-R",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_01",
      "@product": "uCosminexus Developer 01",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_light",
      "@product": "uCosminexus Developer Light",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_professional",
      "@product": "uCosminexus Developer Professional",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_professional_for_atm",
      "@product": "uCosminexus Developer Professional for ATM",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_professional_for_plug-in",
      "@product": "uCosminexus Developer Professional for Plug-in",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_standard",
      "@product": "uCosminexus Developer Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server_base",
      "@product": "uCosminexus Primary Server Base",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server_base64",
      "@product": "uCosminexus Primary Server Base(64)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform_64",
      "@product": "uCosminexus Service Platform(64)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2026-003905",
  "sec:references": [
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-42516",
      "@id": "CVE-2024-42516",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-47252",
      "@id": "CVE-2024-47252",
      "@source": "CVE"
    }
  ],
  "title": "Multiple Vulnerabilities in Cosminexus HTTP Server and Hitachi Web Server"
}

JVNDB-2026-003911

Vulnerability from jvndb - Published: 2026-02-17 20:46 - Updated:2026-02-17 20:46

Summary

Vulnerability in Cosminexus HTTP Server

Details

Vulnerability has been found in Cosminexus HTTP Server. CVE-2025-23048 This vulnerability does not apply if SSL is disabled.

References

Type

URL

CVE

https://www.cve.org/CVERecord?id=CVE-2025-23048

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus HTTP Server
	Hitachi, Ltd	uCosminexus Application Server-R
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Primary Server Base
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-003911.html",
  "dc:date": "2026-02-17T20:46+09:00",
  "dcterms:issued": "2026-02-17T20:46+09:00",
  "dcterms:modified": "2026-02-17T20:46+09:00",
  "description": "Vulnerability has been found in Cosminexus HTTP Server.\r\n\r\nCVE-2025-23048\r\n\r\nThis vulnerability does not apply if SSL is disabled.",
  "link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-003911.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_http_server",
      "@product": "Cosminexus HTTP Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server_r",
      "@product": "uCosminexus Application Server-R",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server_base",
      "@product": "uCosminexus Primary Server Base",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2026-003911",
  "sec:references": {
    "#text": "https://www.cve.org/CVERecord?id=CVE-2025-23048",
    "@id": "CVE-2025-23048",
    "@source": "CVE"
  },
  "title": "Vulnerability in Cosminexus HTTP Server"
}

JVNDB-2026-002030

Vulnerability from jvndb - Published: 2026-01-29 10:32 - Updated:2026-01-29 10:32

Summary

Multiple Vulnerabilities in Cosminexus

Details

Multiple vulnerabilities exist in Cosminexus Component Container. CVE-2025-48988, CVE-2025-48976 Affected products and versions are listed below. Please upgrade your version to the appropriate version. These vulnerabilities exist in Cosminexus Component Container which is a component product of other Hitachi products. For details about the fixed version about Cosminexus products, contact your Hitachi support service representative.

References

Type

URL

	CVE	https://www.cve.org/CVERecord?id=CVE-2025-48976
	CVE	https://www.cve.org/CVERecord?id=CVE-2025-48988

Impacted products

Vendor

Product

	Hitachi, Ltd	uCosminexus Application Server(64)
	Hitachi, Ltd	uCosminexus Application Server-R
	Hitachi, Ltd	Programming Environment for Java
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Primary Server Base
	Hitachi, Ltd	uCosminexus Primary Server Base(64)
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform
	Hitachi, Ltd	uCosminexus Service Platform(64)

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-002030.html",
  "dc:date": "2026-01-29T10:32+09:00",
  "dcterms:issued": "2026-01-29T10:32+09:00",
  "dcterms:modified": "2026-01-29T10:32+09:00",
  "description": "Multiple vulnerabilities exist in Cosminexus Component Container.\r\n\r\nCVE-2025-48988, CVE-2025-48976\r\n\r\nAffected products and versions are listed below. Please upgrade your version to the appropriate version.\r\nThese vulnerabilities exist in Cosminexus Component Container which is a component product of other Hitachi products.\r\nFor details about the fixed version about Cosminexus products, contact your Hitachi support service representative.",
  "link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-002030.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server64",
      "@product": "uCosminexus Application Server(64)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server_r",
      "@product": "uCosminexus Application Server-R",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:programming_environment_for_java",
      "@product": "Programming Environment for Java",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server_base",
      "@product": "uCosminexus Primary Server Base",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server_base64",
      "@product": "uCosminexus Primary Server Base(64)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform_64",
      "@product": "uCosminexus Service Platform(64)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2026-002030",
  "sec:references": [
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2025-48976",
      "@id": "CVE-2025-48976",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2025-48988",
      "@id": "CVE-2025-48988",
      "@source": "CVE"
    }
  ],
  "title": "Multiple Vulnerabilities in Cosminexus"
}

JVNDB-2024-009498

Vulnerability from jvndb - Published: 2024-10-01 16:01 - Updated:2024-10-01 16:01

Summary

Vulnerability in Cosminexus

Details

Vulnerability has been found in Cosminexus.

References

Type

URL

CVE

https://www.cve.org/CVERecord?id=CVE-2024-24549

Impacted products

Vendor

Product

	Hitachi, Ltd	uCosminexus Application Server-R
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Primary Server Base
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-009498.html",
  "dc:date": "2024-10-01T16:01+09:00",
  "dcterms:issued": "2024-10-01T16:01+09:00",
  "dcterms:modified": "2024-10-01T16:01+09:00",
  "description": "Vulnerability has been found in Cosminexus.",
  "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-009498.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server_r",
      "@product": "uCosminexus Application Server-R",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server_base",
      "@product": "uCosminexus Primary Server Base",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2024-009498",
  "sec:references": {
    "#text": "https://www.cve.org/CVERecord?id=CVE-2024-24549",
    "@id": "CVE-2024-24549",
    "@source": "CVE"
  },
  "title": "Vulnerability in Cosminexus"
}

JVNDB-2024-002961

Vulnerability from jvndb - Published: 2024-03-13 12:10 - Updated:2024-03-13 12:10

Severity ?

5.6 (Medium) - cvssV3_0 - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Summary

Information Exposure Vulnerability in Cosminexus Component Container

Details

An information exposure vulnerability (CVE-2023-6814) exists in Cosminexus Component Container. Affected products and versions are listed below. Please upgrade your version to the appropriate version. These vulnerabilities exist in Cosminexus Component Container which is a component product of other Hitachi products. For details about the fixed version about Cosminexus products, contact your Hitachi support service representative.

References

Type

URL

	CVE	https://www.cve.org/CVERecord?id=CVE-2023-6814
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-6814
	Information Exposure Through Log Files(CWE-532)	https://cwe.mitre.org/data/definitions/532.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus Component Container
	Hitachi, Ltd	uCosminexus Application Server(64)
	Hitachi, Ltd	uCosminexus Application Server-R
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Application Server Enterprise
	Hitachi, Ltd	uCosminexus Application Server Standard
	Hitachi, Ltd	uCosminexus Application Server Standard-R
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Developer Professional
	Hitachi, Ltd	uCosminexus Developer Professional for Plug-in
	Hitachi, Ltd	uCosminexus Developer Standard
	Hitachi, Ltd	uCosminexus Primary Server Base
	Hitachi, Ltd	uCosminexus Primary Server Base(64)
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform
	Hitachi, Ltd	uCosminexus Service Platform(64)

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-002961.html",
  "dc:date": "2024-03-13T12:10+09:00",
  "dcterms:issued": "2024-03-13T12:10+09:00",
  "dcterms:modified": "2024-03-13T12:10+09:00",
  "description": "An information exposure vulnerability (CVE-2023-6814) exists in Cosminexus Component Container.\r\n\r\nAffected products and versions are listed below. Please upgrade your version to the appropriate version.\r\nThese vulnerabilities exist in Cosminexus Component Container which is a component product of other Hitachi products.\r\nFor details about the fixed version about Cosminexus products, contact your Hitachi support service representative.",
  "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-002961.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_component_container",
      "@product": "Cosminexus Component Container",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server64",
      "@product": "uCosminexus Application Server(64)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server_r",
      "@product": "uCosminexus Application Server-R",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
      "@product": "uCosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard",
      "@product": "uCosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard-r",
      "@product": "uCosminexus Application Server Standard-R",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_professional",
      "@product": "uCosminexus Developer Professional",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_professional_for_plug-in",
      "@product": "uCosminexus Developer Professional for Plug-in",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_standard",
      "@product": "uCosminexus Developer Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server_base",
      "@product": "uCosminexus Primary Server Base",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server_base64",
      "@product": "uCosminexus Primary Server Base(64)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform_64",
      "@product": "uCosminexus Service Platform(64)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "5.6",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2024-002961",
  "sec:references": [
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-6814",
      "@id": "CVE-2023-6814",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-6814",
      "@id": "CVE-2023-6814",
      "@source": "NVD"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/532.html",
      "@id": "CWE-532",
      "@title": "Information Exposure Through Log Files(CWE-532)"
    }
  ],
  "title": "Information Exposure Vulnerability in Cosminexus Component Container"
}

JVNDB-2021-001345

Vulnerability from jvndb - Published: 2021-04-13 16:46 - Updated:2021-04-13 16:46

Summary

Information Disclosure Vulnerability in Cosminexus

Details

An Information Disclosure Vulnerability was found in Cosminexus.

References

Type

URL

No Mapping(CWE-noinfo)

https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus Component Container
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Application Server Enterprise
	Hitachi, Ltd	uCosminexus Application Server Standard
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Developer Professional
	Hitachi, Ltd	uCosminexus Developer Standard
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-001345.html",
  "dc:date": "2021-04-13T16:46+09:00",
  "dcterms:issued": "2021-04-13T16:46+09:00",
  "dcterms:modified": "2021-04-13T16:46+09:00",
  "description": "An Information Disclosure Vulnerability was found in Cosminexus.",
  "link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-001345.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_component_container",
      "@product": "Cosminexus Component Container",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
      "@product": "uCosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard",
      "@product": "uCosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_professional",
      "@product": "uCosminexus Developer Professional",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_standard",
      "@product": "uCosminexus Developer Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2021-001345",
  "sec:references": {
    "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
    "@id": "CWE-noinfo",
    "@title": "No Mapping(CWE-noinfo)"
  },
  "title": "Information Disclosure Vulnerability in Cosminexus"
}

JVNDB-2020-005743

Vulnerability from jvndb - Published: 2020-06-22 15:40 - Updated:2020-06-22 15:40

Summary

Vulnerability in Cosminexus HTTP Server

Details

A vulnerability (CVE-2019-1551) exists in Cosminexus HTTP Server.

References

Type

URL

No Mapping(CWE-noinfo)

https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus HTTP Server
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Primary Server
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-005743.html",
  "dc:date": "2020-06-22T15:40+09:00",
  "dcterms:issued": "2020-06-22T15:40+09:00",
  "dcterms:modified": "2020-06-22T15:40+09:00",
  "description": "A vulnerability (CVE-2019-1551) exists in Cosminexus HTTP Server.",
  "link": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-005743.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_http_server",
      "@product": "Cosminexus HTTP Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server",
      "@product": "uCosminexus Primary Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2020-005743",
  "sec:references": {
    "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
    "@id": "CWE-noinfo",
    "@title": "No Mapping(CWE-noinfo)"
  },
  "title": "Vulnerability in Cosminexus HTTP Server"
}

JVNDB-2019-010374

Vulnerability from jvndb - Published: 2019-10-18 14:18 - Updated:2019-10-18 14:18

Summary

Vulnerability in Cosminexus HTTP Server and Hitachi Web Server

Details

A vulnerability (CVE-2019-10092) exists in Cosminexus HTTP Server and Hitachi Web Server.

References

Type

URL

No Mapping(CWE-noinfo)

https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus HTTP Server
	Hitachi, Ltd	Hitachi Application Server
	Hitachi, Ltd	Hitachi Application Server for Developers
	Hitachi, Ltd	Hitachi Web Server
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Primary Server
	Hitachi, Ltd	uCosminexus Service

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-010374.html",
  "dc:date": "2019-10-18T14:18+09:00",
  "dcterms:issued": "2019-10-18T14:18+09:00",
  "dcterms:modified": "2019-10-18T14:18+09:00",
  "description": "A vulnerability (CVE-2019-10092) exists in Cosminexus HTTP Server and Hitachi Web Server.",
  "link": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-010374.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_http_server",
      "@product": "Cosminexus HTTP Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server",
      "@product": "Hitachi Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server_for_developers",
      "@product": "Hitachi Application Server for Developers",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_web_server",
      "@product": "Hitachi Web Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server",
      "@product": "uCosminexus Primary Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2019-010374",
  "sec:references": {
    "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
    "@id": "CWE-noinfo",
    "@title": "No Mapping(CWE-noinfo)"
  },
  "title": "Vulnerability in Cosminexus HTTP Server and Hitachi Web Server"
}

JVNDB-2019-004441

Vulnerability from jvndb - Published: 2019-06-03 13:55 - Updated:2019-06-03 13:55

Summary

Vulnerability in Cosminexus HTTP Server and Hitachi Web Server

Details

A vulnerability (CVE-2019-0220) exists in Cosminexus HTTP Server and Hitachi Web Server.

References

Type

URL

No Mapping(CWE-noinfo)

https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus HTTP Server
	Hitachi, Ltd	Hitachi Application Server
	Hitachi, Ltd	Hitachi Application Server for Developers
	Hitachi, Ltd	Hitachi Web Server
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Primary Server
	Hitachi, Ltd	uCosminexus Service

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-004441.html",
  "dc:date": "2019-06-03T13:55+09:00",
  "dcterms:issued": "2019-06-03T13:55+09:00",
  "dcterms:modified": "2019-06-03T13:55+09:00",
  "description": "A vulnerability (CVE-2019-0220) exists in Cosminexus HTTP Server and Hitachi Web Server.",
  "link": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-004441.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_http_server",
      "@product": "Cosminexus HTTP Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server",
      "@product": "Hitachi Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server_for_developers",
      "@product": "Hitachi Application Server for Developers",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_web_server",
      "@product": "Hitachi Web Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server",
      "@product": "uCosminexus Primary Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2019-004441",
  "sec:references": {
    "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
    "@id": "CWE-noinfo",
    "@title": "No Mapping(CWE-noinfo)"
  },
  "title": "Vulnerability in Cosminexus HTTP Server and Hitachi Web Server"
}

JVNDB-2019-002892

Vulnerability from jvndb - Published: 2019-04-25 15:13 - Updated:2019-04-25 15:13

Summary

Multiple Vulnerabilities in Cosminexus

Details

Cosminexus Developer's Kit for Java and Hitachi Developer's Kit for Java contain the following vulnerabilities: CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698

References

Type

URL

	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2602
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2684
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2697
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2698
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-2602
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-2684
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-2697
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-2698
	No Mapping(CWE-noinfo)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Client
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-002892.html",
  "dc:date": "2019-04-25T15:13+09:00",
  "dcterms:issued": "2019-04-25T15:13+09:00",
  "dcterms:modified": "2019-04-25T15:13+09:00",
  "description": "Cosminexus Developer\u0027s Kit for Java and Hitachi Developer\u0027s Kit for Java contain the following vulnerabilities: \r\n\r\nCVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698",
  "link": "https://jvndb.jvn.jp/en/contents/2019/JVNDB-2019-002892.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_client",
      "@product": "uCosminexus Client",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:identifier": "JVNDB-2019-002892",
  "sec:references": [
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2602",
      "@id": "CVE-2019-2602",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2684",
      "@id": "CVE-2019-2684",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2697",
      "@id": "CVE-2019-2697",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2698",
      "@id": "CVE-2019-2698",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2019-2602",
      "@id": "CVE-2019-2602",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2019-2684",
      "@id": "CVE-2019-2684",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2019-2697",
      "@id": "CVE-2019-2697",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2019-2698",
      "@id": "CVE-2019-2698",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "Multiple Vulnerabilities in Cosminexus"
}

JVNDB-2016-008607

Vulnerability from jvndb - Published: 2017-06-30 15:55 - Updated:2019-07-25 14:14

Severity ?

4.0 (Medium) - cvssV3_0 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

Vulnerability in Cosminexus HTTP Server and Hitachi Web Server

Details

A vulnerability (CVE-2016-8743) exists in Cosminexus HTTP Server and Hitachi Web Server.

References

Type

URL

	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-8743
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-4975
	Data Handling(CWE-19)	https://cwe.mitre.org/data/definitions/19.html

Impacted products

Vendor

Product

	Apache Software Foundation	Apache HTTP Server
	Hitachi, Ltd	Cosminexus HTTP Server
	Hitachi, Ltd	Hitachi Application Server
	Hitachi, Ltd	Hitachi Application Server for Developers
	Hitachi, Ltd	Hitachi Web Server
	Hitachi, Ltd	Hitachi IT Operations Director
	Hitachi, Ltd	Job Management Partner 1/IT Desktop Management
	Hitachi, Ltd	Job Management Partner 1/IT Desktop Management - Manager
	Hitachi, Ltd	Job Management Partner 1/Integrated Management
	Hitachi, Ltd	Job Management Partner 1/Performance Management - Web Console
	Hitachi, Ltd	JP1/Automatic Operation
	Hitachi, Ltd	JP1/IT Desktop Management - Manager
	Hitachi, Ltd	JP1/Performance Management
	Hitachi, Ltd	JP1/Automatic Job Management System 3
	Hitachi, Ltd	JP1/Integrated Management
	Hitachi, Ltd	JP1/IT Desktop Management
	Hitachi, Ltd	JP1/Operations Analytics
	Hitachi, Ltd	JP1/Service Support
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Application Server Enterprise
	Hitachi, Ltd	uCosminexus Application Server Smart Edition
	Hitachi, Ltd	uCosminexus Application Server Standard
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Developer Light
	Hitachi, Ltd	uCosminexus Developer Standard
	Hitachi, Ltd	uCosminexus Primary Server
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-008607.html",
  "dc:date": "2019-07-25T14:14+09:00",
  "dcterms:issued": "2017-06-30T15:55+09:00",
  "dcterms:modified": "2019-07-25T14:14+09:00",
  "description": "A vulnerability (CVE-2016-8743) exists in Cosminexus HTTP Server and Hitachi Web Server.",
  "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-008607.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:apache:http_server",
      "@product": "Apache HTTP Server",
      "@vendor": "Apache Software Foundation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_http_server",
      "@product": "Cosminexus HTTP Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server",
      "@product": "Hitachi Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_application_server_for_developers",
      "@product": "Hitachi Application Server for Developers",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_web_server",
      "@product": "Hitachi Web Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:it_operations_director",
      "@product": "Hitachi IT Operations Director",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:job_management_partner_1%2Fit_desktop_management",
      "@product": "Job Management Partner 1/IT Desktop Management",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:job_management_partner_1%2Fit_desktop_management-manager",
      "@product": "Job Management Partner 1/IT Desktop Management - Manager",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:job_management_partner_1_integrated_management",
      "@product": "Job Management Partner 1/Integrated Management",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:job_management_partner_1_performance_management_web_console",
      "@product": "Job Management Partner 1/Performance Management - Web Console",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:jp1%2fautomatic_operation",
      "@product": "JP1/Automatic Operation",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:jp1%2Fit_desktop_management-manager",
      "@product": "JP1/IT Desktop Management - Manager",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:jp1%2fperformance_management",
      "@product": "JP1/Performance Management",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:jp1_automatic_job_management_system_3",
      "@product": "JP1/Automatic Job Management System 3",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:jp1_integrated_management",
      "@product": "JP1/Integrated Management",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:jp1_it_desktop_management",
      "@product": "JP1/IT Desktop Management",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:jp1_operation_analytics",
      "@product": "JP1/Operations Analytics",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:jp1_service_support",
      "@product": "JP1/Service Support",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
      "@product": "uCosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
      "@product": "uCosminexus Application Server Smart Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard",
      "@product": "uCosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_light",
      "@product": "uCosminexus Developer Light",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_standard",
      "@product": "uCosminexus Developer Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_primary_server",
      "@product": "uCosminexus Primary Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": [
    {
      "@score": "4.3",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
      "@version": "2.0"
    },
    {
      "@score": "4.0",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2016-008607",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743",
      "@id": "CVE-2016-8743",
      "@source": "CVE"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975",
      "@id": "CVE-2016-4975",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-8743",
      "@id": "CVE-2016-8743",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-4975",
      "@id": "CVE-2016-4975",
      "@source": "NVD"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/19.html",
      "@id": "CWE-19",
      "@title": "Data Handling(CWE-19)"
    }
  ],
  "title": "Vulnerability in Cosminexus HTTP Server and Hitachi Web Server"
}

JVNDB-2013-005669

Vulnerability from jvndb - Published: 2013-12-25 19:13 - Updated:2013-12-25 19:13

Severity ?

N/A (UNKNOWN) - -

Summary

Xml eXternal Entity Vulnerability in Hitachi Cosminexus

Details

When using Cosminexus JAX-WS, XXE (Xml eXternal Entity) in Hitachi Cosminexus Component Container contains a vulnerability that may cause information leakage.

References

Type

URL

Information Exposure(CWE-200)

https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus Component Container
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Application Server Enterprise
	Hitachi, Ltd	uCosminexus Application Server Smart Edition
	Hitachi, Ltd	uCosminexus Application Server Standard
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Developer Light
	Hitachi, Ltd	uCosminexus Developer Standard
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-005669.html",
  "dc:date": "2013-12-25T19:13+09:00",
  "dcterms:issued": "2013-12-25T19:13+09:00",
  "dcterms:modified": "2013-12-25T19:13+09:00",
  "description": "When using Cosminexus JAX-WS, XXE (Xml eXternal Entity) in Hitachi Cosminexus Component Container contains a vulnerability that may cause information leakage.",
  "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-005669.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_component_container",
      "@product": "Cosminexus Component Container",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
      "@product": "uCosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
      "@product": "uCosminexus Application Server Smart Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard",
      "@product": "uCosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_light",
      "@product": "uCosminexus Developer Light",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_standard",
      "@product": "uCosminexus Developer Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "2.6",
    "@severity": "Low",
    "@type": "Base",
    "@vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2013-005669",
  "sec:references": {
    "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
    "@id": "CWE-200",
    "@title": "Information Exposure(CWE-200)"
  },
  "title": "Xml eXternal Entity Vulnerability in Hitachi Cosminexus"
}

JVNDB-2013-001321

Vulnerability from jvndb - Published: 2013-02-12 14:24 - Updated:2013-02-12 14:24

Severity ?

N/A (UNKNOWN) - -

Summary

User Authentication Vulnerability in Operational Management Function of Cosminexus

Details

The operational management function of Cosminexus does not properly require authentication for manipulation of an operational management portal, which allows remote attackers to delete and replace applications which other users attached.

References

Type

URL

Improper Authentication(CWE-287)

https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus Component Container
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Application Server Enterprise
	Hitachi, Ltd	uCosminexus Application Server Smart Edition
	Hitachi, Ltd	uCosminexus Application Server Standard
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Developer Light
	Hitachi, Ltd	uCosminexus Developer Standard
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-001321.html",
  "dc:date": "2013-02-12T14:24+09:00",
  "dcterms:issued": "2013-02-12T14:24+09:00",
  "dcterms:modified": "2013-02-12T14:24+09:00",
  "description": "The operational management function of Cosminexus does not properly require authentication for manipulation of an operational management portal, which allows remote attackers to delete and replace applications which other users attached.",
  "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-001321.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_component_container",
      "@product": "Cosminexus Component Container",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
      "@product": "uCosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
      "@product": "uCosminexus Application Server Smart Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard",
      "@product": "uCosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_light",
      "@product": "uCosminexus Developer Light",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_standard",
      "@product": "uCosminexus Developer Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "6.8",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2013-001321",
  "sec:references": {
    "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
    "@id": "CWE-287",
    "@title": "Improper Authentication(CWE-287)"
  },
  "title": "User Authentication Vulnerability in Operational Management Function of Cosminexus"
}

JVNDB-2012-000079

Vulnerability from jvndb - Published: 2012-08-30 13:57 - Updated:2014-05-23 18:34

Severity ?

N/A (UNKNOWN) - -

Summary

Adobe Reader fails to properly handle signatures

Details

Adobe Reader fails to properly handle RSA signatures. Adobe Reader contains an issue where it may fail to properly verify RSA signatures. Masahiko Takenaka of FUJITSU LABORATORIES LTD. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

Type

URL

	JVN	https://jvn.jp/en/jp/JVN51615542/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4339
	CERT-VN	http://www.kb.cert.org/vuls/id/845620
	Credentials Management(CWE-255)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Adobe Inc.	Adobe Reader
	Hitachi, Ltd	Cosminexus Application Server Enterprise
	Hitachi, Ltd	Cosminexus Application Server Standard
	Hitachi, Ltd	Cosminexus Application Server Version 5
	Hitachi, Ltd	Cosminexus Developer Light Version 6
	Hitachi, Ltd	Cosminexus Developer Professional Version 6
	Hitachi, Ltd	Cosminexus Developer Standard Version 6
	Hitachi, Ltd	Cosminexus Developer Version 5
	Hitachi, Ltd	Cosminexus Server - Enterprise Edition
	Hitachi, Ltd	Cosminexus Server - Standard Edition
	Hitachi, Ltd	Cosminexus Server - Standard Edition Version 4
	Hitachi, Ltd	Cosminexus Server - Web Edition
	Hitachi, Ltd	Cosminexus Server - Web Edition Version 4
	Hitachi, Ltd	Hitachi Web Server
	Hitachi, Ltd	uCosminexus Application Server Enterprise
	Hitachi, Ltd	uCosminexus Application Server Standard
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Developer Light
	Hitachi, Ltd	uCosminexus Developer Standard
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000079.html",
  "dc:date": "2014-05-23T18:34+09:00",
  "dcterms:issued": "2012-08-30T13:57+09:00",
  "dcterms:modified": "2014-05-23T18:34+09:00",
  "description": "Adobe Reader fails to properly handle RSA signatures.\r\n\r\nAdobe Reader contains an issue where it may fail to properly verify RSA signatures.\r\n\r\nMasahiko Takenaka of FUJITSU LABORATORIES LTD. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000079.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:adobe:acrobat_reader",
      "@product": "Adobe Reader",
      "@vendor": "Adobe Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
      "@product": "Cosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_standard",
      "@product": "Cosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5",
      "@product": "Cosminexus Application Server Version 5",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
      "@product": "Cosminexus Developer Light Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
      "@product": "Cosminexus Developer Professional Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
      "@product": "Cosminexus Developer Standard Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_version_5",
      "@product": "Cosminexus Developer Version 5",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition",
      "@product": "Cosminexus Server - Enterprise Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition",
      "@product": "Cosminexus Server - Standard Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
      "@product": "Cosminexus Server - Standard Edition Version 4",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition",
      "@product": "Cosminexus Server - Web Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
      "@product": "Cosminexus Server - Web Edition Version 4",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_web_server",
      "@product": "Hitachi Web Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
      "@product": "uCosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard",
      "@product": "uCosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_light",
      "@product": "uCosminexus Developer Light",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_standard",
      "@product": "uCosminexus Developer Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "5.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2012-000079",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN51615542/index.html",
      "@id": "JVN#51615542",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339",
      "@id": "CVE-2006-4339",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4339",
      "@id": "CVE-2006-4339",
      "@source": "NVD"
    },
    {
      "#text": "http://www.kb.cert.org/vuls/id/845620",
      "@id": "US-CERT Vulnerability Note VU#845620",
      "@source": "CERT-VN"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-255",
      "@title": "Credentials Management(CWE-255)"
    }
  ],
  "title": "Adobe Reader fails to properly handle signatures"
}

JVNDB-2010-001874

Vulnerability from jvndb - Published: 2010-09-01 14:11 - Updated:2010-09-01 14:11

Severity ?

N/A (UNKNOWN) - -

Summary

Denial of Service (DoS) Vulnerability in Cosminexus

Details

Cosminexus series products contain a vulnerability that could cause a denial of service (DoS) condition when receiving unexpected data. After it abends, the service can be restarted by rebooting the system.

References

Type

URL

No Mapping(CWE-noinfo)

https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus Developer
	Hitachi, Ltd	DocumentBroker
	Hitachi, Ltd	Electronic Form Workflow
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Navigation
	Hitachi, Ltd	uCosminexus Reporting Base
	Hitachi, Ltd	uCosminexus Service
	Hitachi, Ltd	uCosminexus SI Navigation System

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-001874.html",
  "dc:date": "2010-09-01T14:11+09:00",
  "dcterms:issued": "2010-09-01T14:11+09:00",
  "dcterms:modified": "2010-09-01T14:11+09:00",
  "description": "Cosminexus series products contain a vulnerability that could cause a denial of service (DoS) condition when receiving unexpected data.\r\nAfter it abends, the service can be restarted by rebooting the system.",
  "link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-001874.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:documentbroker",
      "@product": "DocumentBroker",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:electronic_form_workflow",
      "@product": "Electronic Form Workflow",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_navigation",
      "@product": "uCosminexus Navigation",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_reporting_base",
      "@product": "uCosminexus Reporting Base",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_si_navigation_system",
      "@product": "uCosminexus SI Navigation System",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.8",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2010-001874",
  "sec:references": {
    "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
    "@id": "CWE-noinfo",
    "@title": "No Mapping(CWE-noinfo)"
  },
  "title": "Denial of Service (DoS) Vulnerability in Cosminexus"
}

JVNDB-2009-002475

Vulnerability from jvndb - Published: 2010-02-09 14:03 - Updated:2010-02-09 14:03

Severity ?

N/A (UNKNOWN) - -

Summary

Buffer Overflow Vulnerability in Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java

Details

Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java have a buffer overflow vulnerability when processing image files in Java applications.

References

Type

URL

Buffer Errors(CWE-119)

https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus Application Server
	Hitachi, Ltd	Cosminexus Client
	Hitachi, Ltd	Cosminexus Developer
	Hitachi, Ltd	Cosminexus/OpenTP1
	Hitachi, Ltd	Cosminexus Server
	Hitachi, Ltd	Cosminexus Studio
	Hitachi, Ltd	Electronic Form Workflow
	Hitachi, Ltd	Groupmax Collaboration
	Hitachi, Ltd	Hitachi Developer's Kit for Java
	Hitachi, Ltd	Processing Kit for XML
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Client
	Hitachi, Ltd	uCosminexus Collaboration
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Navigation
	Hitachi, Ltd	uCosminexus/OpenTP1
	Hitachi, Ltd	uCosminexus Operator
	Hitachi, Ltd	uCosminexus Service

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-002475.html",
  "dc:date": "2010-02-09T14:03+09:00",
  "dcterms:issued": "2010-02-09T14:03+09:00",
  "dcterms:modified": "2010-02-09T14:03+09:00",
  "description": "Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java have a buffer overflow vulnerability when processing image files in Java applications.",
  "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-002475.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server",
      "@product": "Cosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_client",
      "@product": "Cosminexus Client ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_opentp1",
      "@product": "Cosminexus/OpenTP1",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_studio",
      "@product": "Cosminexus Studio",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:electronic_form_workflow",
      "@product": "Electronic Form Workflow",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:groupmax_collaboration",
      "@product": "Groupmax Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
      "@product": "Hitachi Developer\u0027s Kit for Java",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:processing_kit_for_xml",
      "@product": "Processing Kit for XML",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_client",
      "@product": "uCosminexus Client",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_collaboration",
      "@product": "uCosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_navigation",
      "@product": "uCosminexus Navigation",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_opentp1",
      "@product": "uCosminexus/OpenTP1 ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_operator",
      "@product": "uCosminexus Operator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.5",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2009-002475",
  "sec:references": {
    "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
    "@id": "CWE-119",
    "@title": "Buffer Errors(CWE-119)"
  },
  "title": "Buffer Overflow Vulnerability in Cosminexus, Processing Kit for XML and Hitachi Developer\u0027s Kit for Java"
}

JVNDB-2009-001741

Vulnerability from jvndb - Published: 2009-07-14 10:17 - Updated:2014-05-21 18:16

Severity ?

N/A (UNKNOWN) - -

Summary

Hitachi Web Server Vulnerability in SSL Client Authentication

Details

Hitachi Web Server contains a vulnerability in handling SSL client certificates, which could allow an attacker to manipulate environment variables and/or spoof the client to access Web servers.

References

Type

URL

	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0555
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0555
	No Mapping(CWE-noinfo)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus Application Server Enterprise
	Hitachi, Ltd	Cosminexus Application Server Standard
	Hitachi, Ltd	Cosminexus Application Server Version 5
	Hitachi, Ltd	Cosminexus Developer Light Version 6
	Hitachi, Ltd	Cosminexus Developer Professional Version 6
	Hitachi, Ltd	Cosminexus Developer Standard Version 6
	Hitachi, Ltd	Cosminexus Developer Version 5
	Hitachi, Ltd	Cosminexus Server - Standard Edition Version 4
	Hitachi, Ltd	Cosminexus Server - Web Edition Version 4
	Hitachi, Ltd	Hitachi Web Server
	Hitachi, Ltd	uCosminexus Application Server Enterprise
	Hitachi, Ltd	uCosminexus Application Server Standard
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Developer Light
	Hitachi, Ltd	uCosminexus Developer Standard
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001741.html",
  "dc:date": "2014-05-21T18:16+09:00",
  "dcterms:issued": "2009-07-14T10:17+09:00",
  "dcterms:modified": "2014-05-21T18:16+09:00",
  "description": "Hitachi Web Server contains a vulnerability in handling SSL client\r\ncertificates, which could allow an attacker to manipulate environment\r\nvariables and/or spoof the client to access Web servers.",
  "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001741.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
      "@product": "Cosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_standard",
      "@product": "Cosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5",
      "@product": "Cosminexus Application Server Version 5",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
      "@product": "Cosminexus Developer Light Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
      "@product": "Cosminexus Developer Professional Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
      "@product": "Cosminexus Developer Standard Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_version_5",
      "@product": "Cosminexus Developer Version 5",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
      "@product": "Cosminexus Server - Standard Edition Version 4",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
      "@product": "Cosminexus Server - Web Edition Version 4",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_web_server",
      "@product": "Hitachi Web Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
      "@product": "uCosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard",
      "@product": "uCosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_light",
      "@product": "uCosminexus Developer Light",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_standard",
      "@product": "uCosminexus Developer Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2009-001741",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0555",
      "@id": "CVE-2008-0555",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0555",
      "@id": "CVE-2008-0555",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "Hitachi Web Server Vulnerability in SSL Client Authentication"
}

JVNDB-2009-001740

Vulnerability from jvndb - Published: 2009-07-14 10:17 - Updated:2014-05-21 18:24

Severity ?

N/A (UNKNOWN) - -

Summary

Hitachi Web Server Reverse Proxy Denial of Service (DoS) Vulnerability

Details

Hitachi Web Server contains a vulnerability that could lead to a denial of service (DoS) condition when using it as a reverse proxy due to excessive memory usage.

References

Type

URL

	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2364
	No Mapping(CWE-noinfo)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Hitachi Web Server
	Hitachi, Ltd	uCosminexus Application Server Enterprise
	Hitachi, Ltd	uCosminexus Application Server Standard
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Developer Standard
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001740.html",
  "dc:date": "2014-05-21T18:24+09:00",
  "dcterms:issued": "2009-07-14T10:17+09:00",
  "dcterms:modified": "2014-05-21T18:24+09:00",
  "description": "Hitachi Web Server contains a vulnerability that could lead to a denial\r\nof service (DoS) condition when using it as a reverse proxy due to\r\nexcessive memory usage.",
  "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001740.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:hitachi_web_server",
      "@product": "Hitachi Web Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
      "@product": "uCosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard",
      "@product": "uCosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_standard",
      "@product": "uCosminexus Developer Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "2.6",
    "@severity": "Low",
    "@type": "Base",
    "@vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2009-001740",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364",
      "@id": "CVE-2008-2364",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2364",
      "@id": "CVE-2008-2364",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "Hitachi Web Server Reverse Proxy Denial of Service (DoS) Vulnerability"
}

JVNDB-2009-001544

Vulnerability from jvndb - Published: 2009-07-07 11:12 - Updated:2009-07-07 11:12

Severity ?

N/A (UNKNOWN) - -

Summary

Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Vulnerability in Encoding Process

Details

Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java have a vulnerability where UTF-8 output is not properly judged due to deficiency in encoding processing, which may lead to unauthorized access.

References

Type

URL

No Mapping(CWE-noinfo)

https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus Application Server
	Hitachi, Ltd	Cosminexus Client
	Hitachi, Ltd	Cosminexus Developer
	Hitachi, Ltd	Cosminexus/OpenTP1
	Hitachi, Ltd	Cosminexus Server
	Hitachi, Ltd	Cosminexus Studio
	Hitachi, Ltd	Electronic Form Workflow
	Hitachi, Ltd	Groupmax Collaboration
	Hitachi, Ltd	Hitachi Developer's Kit for Java
	Hitachi, Ltd	Processing Kit for XML
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Client
	Hitachi, Ltd	uCosminexus Collaboration
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus/OpenTP1
	Hitachi, Ltd	uCosminexus Operator
	Hitachi, Ltd	uCosminexus Service

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001544.html",
  "dc:date": "2009-07-07T11:12+09:00",
  "dcterms:issued": "2009-07-07T11:12+09:00",
  "dcterms:modified": "2009-07-07T11:12+09:00",
  "description": "Cosminexus Processing Kit for XML and Hitachi Developer\u0027s Kit for Java have a vulnerability where UTF-8 output is not properly judged due to deficiency in encoding processing, which may lead to unauthorized access.",
  "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-001544.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server",
      "@product": "Cosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_client",
      "@product": "Cosminexus Client ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_opentp1",
      "@product": "Cosminexus/OpenTP1",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_studio",
      "@product": "Cosminexus Studio",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:electronic_form_workflow",
      "@product": "Electronic Form Workflow",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:groupmax_collaboration",
      "@product": "Groupmax Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
      "@product": "Hitachi Developer\u0027s Kit for Java",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:processing_kit_for_xml",
      "@product": "Processing Kit for XML",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_client",
      "@product": "uCosminexus Client",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_collaboration",
      "@product": "uCosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_opentp1",
      "@product": "uCosminexus/OpenTP1 ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_operator",
      "@product": "uCosminexus Operator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "10.0",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2009-001544",
  "sec:references": {
    "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
    "@id": "CWE-noinfo",
    "@title": "No Mapping(CWE-noinfo)"
  },
  "title": "Cosminexus Processing Kit for XML and Hitachi Developer\u0027s Kit for Java Possible Unauthorized Access through Vulnerability in Encoding Process"
}

JVNDB-2006-000992

Vulnerability from jvndb - Published: 2009-02-04 17:42 - Updated:2014-05-22 18:03

Severity ?

N/A (UNKNOWN) - -

Summary

Multiple Vulnerabilities Concerning Hitachi Web Server

Details

Hitachi Web Server has vulnerabilities listed below: 1. A vulnerability that allows to roll back the Open SSL version when using the SSL. 2. Cross-site scripting vulnerability in contents created automatically by the Hitachi Web Server. 3. Cross-site scripting vulnerability due to inadequate processing of the Expect header.

References

Type

URL

	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2969
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3918
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0514
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2969
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3352
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3918
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0514
	JVNDB_Ja	http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000992.html
	Cross-site Scripting(CWE-79)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
	No Mapping(CWE-noinfo)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus Application Server Enterprise
	Hitachi, Ltd	Cosminexus Application Server Standard
	Hitachi, Ltd	Cosminexus Application Server Version 5
	Hitachi, Ltd	Cosminexus Developer Light Version 6
	Hitachi, Ltd	Cosminexus Developer Professional Version 6
	Hitachi, Ltd	Cosminexus Developer Standard Version 6
	Hitachi, Ltd	Cosminexus Developer Version 5
	Hitachi, Ltd	Cosminexus Server - Enterprise Edition
	Hitachi, Ltd	Cosminexus Server - Standard Edition
	Hitachi, Ltd	Cosminexus Server - Standard Edition Version 4
	Hitachi, Ltd	Cosminexus Server - Web Edition
	Hitachi, Ltd	Cosminexus Server - Web Edition Version 4
	Hitachi, Ltd	Hitachi Web Server
	Hitachi, Ltd	uCosminexus Application Server Enterprise
	Hitachi, Ltd	uCosminexus Application Server Smart Edition
	Hitachi, Ltd	uCosminexus Application Server Standard
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Developer Light
	Hitachi, Ltd	uCosminexus Developer Standard
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000992.html",
  "dc:date": "2014-05-22T18:03+09:00",
  "dcterms:issued": "2009-02-04T17:42+09:00",
  "dcterms:modified": "2014-05-22T18:03+09:00",
  "description": "Hitachi Web Server has vulnerabilities listed below:\r\n\r\n1. A vulnerability that allows to roll back the Open SSL version when using the SSL.\r\n\r\n2. Cross-site scripting vulnerability in contents created automatically by the Hitachi Web Server.\r\n\r\n3. Cross-site scripting vulnerability due to inadequate processing of the Expect header.",
  "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000992.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
      "@product": "Cosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_standard",
      "@product": "Cosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5",
      "@product": "Cosminexus Application Server Version 5",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
      "@product": "Cosminexus Developer Light Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
      "@product": "Cosminexus Developer Professional Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
      "@product": "Cosminexus Developer Standard Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_version_5",
      "@product": "Cosminexus Developer Version 5",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition",
      "@product": "Cosminexus Server - Enterprise Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition",
      "@product": "Cosminexus Server - Standard Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
      "@product": "Cosminexus Server - Standard Edition Version 4",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition",
      "@product": "Cosminexus Server - Web Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
      "@product": "Cosminexus Server - Web Edition Version 4",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_web_server",
      "@product": "Hitachi Web Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
      "@product": "uCosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
      "@product": "uCosminexus Application Server Smart Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard",
      "@product": "uCosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_light",
      "@product": "uCosminexus Developer Light",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_standard",
      "@product": "uCosminexus Developer Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "5.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2006-000992",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2969",
      "@id": "CVE-2005-2969",
      "@source": "CVE"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352",
      "@id": "CVE-2005-3352",
      "@source": "CVE"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3918",
      "@id": "CVE-2006-3918",
      "@source": "CVE"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0514",
      "@id": "CVE-2007-0514",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2969",
      "@id": "CVE-2005-2969",
      "@source": "NVD"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3352",
      "@id": "CVE-2005-3352",
      "@source": "NVD"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3918",
      "@id": "CVE-2006-3918",
      "@source": "NVD"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0514",
      "@id": "CVE-2007-0514",
      "@source": "NVD"
    },
    {
      "#text": "http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000992.html",
      "@id": "JVNDB-2006-000992",
      "@source": "JVNDB_Ja"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "Multiple Vulnerabilities Concerning Hitachi Web Server"
}

JVNDB-2008-001513

Vulnerability from jvndb - Published: 2008-07-30 13:45 - Updated:2014-05-21 18:19

Severity ?

N/A (UNKNOWN) - -

Summary

Cross-Site Scripting Vulnerability in Hitachi Web Server Status Information Display Function

Details

A cross-site scripting vulnerability has been found with the Status Information Display function of Hitachi Web Server.

References

Type

URL

	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6388
	JVNDB_Ja	http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001513.html
	Cross-site Scripting(CWE-79)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus Application Server Enterprise
	Hitachi, Ltd	Cosminexus Application Server Standard
	Hitachi, Ltd	Cosminexus Application Server Version 5
	Hitachi, Ltd	Cosminexus Developer Light Version 6
	Hitachi, Ltd	Cosminexus Developer Professional Version 6
	Hitachi, Ltd	Cosminexus Developer Standard Version 6
	Hitachi, Ltd	Cosminexus Developer Version 5
	Hitachi, Ltd	Cosminexus Server - Enterprise Edition
	Hitachi, Ltd	Cosminexus Server - Standard Edition
	Hitachi, Ltd	Cosminexus Server - Standard Edition Version 4
	Hitachi, Ltd	Cosminexus Server - Web Edition
	Hitachi, Ltd	Cosminexus Server - Web Edition Version 4
	Hitachi, Ltd	Hitachi Web Server
	Hitachi, Ltd	uCosminexus Application Server Enterprise
	Hitachi, Ltd	uCosminexus Application Server Standard
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Developer Light
	Hitachi, Ltd	uCosminexus Developer Standard
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-001513.html",
  "dc:date": "2014-05-21T18:19+09:00",
  "dcterms:issued": "2008-07-30T13:45+09:00",
  "dcterms:modified": "2014-05-21T18:19+09:00",
  "description": "A cross-site scripting vulnerability has been found with the Status Information Display function of Hitachi Web Server.",
  "link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-001513.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
      "@product": "Cosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_standard",
      "@product": "Cosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5",
      "@product": "Cosminexus Application Server Version 5",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
      "@product": "Cosminexus Developer Light Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
      "@product": "Cosminexus Developer Professional Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
      "@product": "Cosminexus Developer Standard Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_version_5",
      "@product": "Cosminexus Developer Version 5",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition",
      "@product": "Cosminexus Server - Enterprise Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition",
      "@product": "Cosminexus Server - Standard Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
      "@product": "Cosminexus Server - Standard Edition Version 4",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition",
      "@product": "Cosminexus Server - Web Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
      "@product": "Cosminexus Server - Web Edition Version 4",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_web_server",
      "@product": "Hitachi Web Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
      "@product": "uCosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard",
      "@product": "uCosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_light",
      "@product": "uCosminexus Developer Light",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_standard",
      "@product": "uCosminexus Developer Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2008-001513",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388",
      "@id": "CVE-2007-6388",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6388",
      "@id": "CVE-2007-6388",
      "@source": "NVD"
    },
    {
      "#text": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001513.html",
      "@id": "JVNDB-2008-001513",
      "@source": "JVNDB_Ja"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    }
  ],
  "title": "Cross-Site Scripting Vulnerability in Hitachi Web Server Status Information Display Function"
}

JVNDB-2007-000700

Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00

Severity ?

N/A (UNKNOWN) - -

Summary

Cosminexus javadoc Cross-Site Scripting Vulnerability

Details

The javadoc command of Cosminexus may generate an HTML file that contains cross-site scripting vulnerabilities.

References

Type

URL

	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4760
	NVD	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4760
	SECUNIA	http://secunia.com/advisories/26671
	BID	http://www.securityfocus.com/bid/25518
	XF	http://xforce.iss.net/xforce/xfdb/36393
	FRSIRT	http://www.frsirt.com/english/advisories/2007/3033
	Cross-site Scripting(CWE-79)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus Developer's Kit for Java(TM)
	Hitachi, Ltd	Electronic Form Workflow
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Client
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus ERP Integrator
	Hitachi, Ltd	uCosminexus Operator
	Hitachi, Ltd	uCosminexus Service

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000700.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "The javadoc command of Cosminexus may generate an HTML file that contains cross-site scripting vulnerabilities.",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000700.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_developers_kit_for_java",
      "@product": "Cosminexus Developer\u0027s Kit for Java(TM)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:electronic_form_workflow",
      "@product": "Electronic Form Workflow",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_client",
      "@product": "uCosminexus Client",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_erp_integrator",
      "@product": "uCosminexus ERP Integrator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_operator",
      "@product": "uCosminexus Operator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000700",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4760",
      "@id": "CVE-2007-4760",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4760",
      "@id": "CVE-2007-4760",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/26671",
      "@id": "SA26671",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/25518",
      "@id": "25518",
      "@source": "BID"
    },
    {
      "#text": "http://xforce.iss.net/xforce/xfdb/36393",
      "@id": "36393",
      "@source": "XF"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/3033",
      "@id": "FrSIRT/ADV-2007-3033",
      "@source": "FRSIRT"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    }
  ],
  "title": "Cosminexus javadoc Cross-Site Scripting Vulnerability"
}

JVNDB-2005-000601

Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2014-05-22 18:04

Severity ?

N/A (UNKNOWN) - -

Summary

OpenSSL version rollback vulnerability

Details

OpenSSL from OpenSSL Project contains a version rollback vulnerability. If a specific option is used on a server running OpenSSL, an attacker can force the client and the server to negotiate the SSL 2.0 protocol even if these parties both request TLS 1.0 protocol by crafting an attack on the communication path. RFC 2246, defining the TLS protocol, defines that when TLS 1.0 is available, SSL 2.0 should not be used in order to avoid version rollback attacks.

References

Type

URL

	JVN	http://jvn.jp/en/jp/JVN23632449/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2969
	NVD	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-2969
	SECUNIA	http://secunia.com/advisories/17151/
	BID	http://www.securityfocus.com/bid/15071
	SECTEAM	http://www.securiteam.com/securitynews/6Y00D0AEBW.html
	FRSIRT	http://www.frsirt.com/english/advisories/2005/2036

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus Application Server Enterprise
	Hitachi, Ltd	Cosminexus Application Server Standard
	Hitachi, Ltd	Cosminexus Application Server Version 5
	Hitachi, Ltd	Cosminexus Developer Light Version 6
	Hitachi, Ltd	Cosminexus Developer Professional Version 6
	Hitachi, Ltd	Cosminexus Developer Standard Version 6
	Hitachi, Ltd	Cosminexus Developer Version 5
	Hitachi, Ltd	Cosminexus Server - Enterprise Edition
	Hitachi, Ltd	Cosminexus Server - Standard Edition
	Hitachi, Ltd	Cosminexus Server - Standard Edition Version 4
	Hitachi, Ltd	Cosminexus Server - Web Edition
	Hitachi, Ltd	Cosminexus Server - Web Edition Version 4
	Hitachi, Ltd	Hitachi Web Server
	Hitachi, Ltd	uCosminexus Application Server Enterprise
	Hitachi, Ltd	uCosminexus Application Server Smart Edition
	Hitachi, Ltd	uCosminexus Application Server Standard
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Developer Light
	Hitachi, Ltd	uCosminexus Developer Standard
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform
	OpenSSL Project	OpenSSL
	Trend Micro, Inc.	InterScan Messaging Security Suite
	Trend Micro, Inc.	TrendMicro InterScan VirusWall
	Trend Micro, Inc.	TrendMicro InterScan Web Security Suite
	FUJITSU	FMSE-C301
	FUJITSU	IPCOM Series
	Hewlett-Packard Development Company,L.P	HP-UX
	Cybertrust Japan Co., Ltd.	Asianux Server
	Red Hat, Inc.	Red Hat Enterprise Linux
	Red Hat, Inc.	Red Hat Linux Advanced Workstation
	Sun Microsystems, Inc.	Sun Solaris
	Turbolinux, Inc.	Turbolinux Appliance Server
	Turbolinux, Inc.	Turbolinux FUJI
	Turbolinux, Inc.	Turbolinux Multimedia
	Turbolinux, Inc.	Turbolinux Personal
	Turbolinux, Inc.	Turbolinux Server
	Turbolinux, Inc.	wizpy

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000601.html",
  "dc:date": "2014-05-22T18:04+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2014-05-22T18:04+09:00",
  "description": "OpenSSL from OpenSSL Project contains a version rollback vulnerability. If a specific option is used on a server running OpenSSL, an attacker can force the client and the server to negotiate the SSL 2.0 protocol even if these parties both request TLS 1.0 protocol by crafting an attack on the communication path.\r\n\r\nRFC 2246, defining the TLS protocol, defines that when TLS 1.0 is available, SSL 2.0 should not be used in order to avoid version rollback attacks.",
  "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000601.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
      "@product": "Cosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_standard",
      "@product": "Cosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5",
      "@product": "Cosminexus Application Server Version 5",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
      "@product": "Cosminexus Developer Light Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
      "@product": "Cosminexus Developer Professional Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
      "@product": "Cosminexus Developer Standard Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_version_5",
      "@product": "Cosminexus Developer Version 5",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition",
      "@product": "Cosminexus Server - Enterprise Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition",
      "@product": "Cosminexus Server - Standard Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
      "@product": "Cosminexus Server - Standard Edition Version 4",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition",
      "@product": "Cosminexus Server - Web Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
      "@product": "Cosminexus Server - Web Edition Version 4",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_web_server",
      "@product": "Hitachi Web Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
      "@product": "uCosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
      "@product": "uCosminexus Application Server Smart Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard",
      "@product": "uCosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_light",
      "@product": "uCosminexus Developer Light",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_standard",
      "@product": "uCosminexus Developer Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:openssl:openssl",
      "@product": "OpenSSL",
      "@vendor": "OpenSSL Project",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:interscan_messaging_security_suite",
      "@product": "InterScan Messaging Security Suite",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:interscan_viruswall",
      "@product": "TrendMicro InterScan VirusWall",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:interscan_web_security_suite",
      "@product": "TrendMicro InterScan Web Security Suite",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:fujitsu:fmse-c301",
      "@product": "FMSE-C301",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/h:fujitsu:ipcom",
      "@product": "IPCOM Series",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:hp:hp-ux",
      "@product": "HP-UX",
      "@vendor": "Hewlett-Packard Development Company,L.P",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:miraclelinux_asianux_server",
      "@product": "Asianux Server",
      "@vendor": "Cybertrust Japan Co., Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux",
      "@product": "Red Hat Enterprise Linux",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:linux_advanced_workstation",
      "@product": "Red Hat Linux Advanced Workstation",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:sun:solaris",
      "@product": "Sun Solaris",
      "@vendor": "Sun Microsystems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_appliance_server",
      "@product": "Turbolinux Appliance Server",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_fuji",
      "@product": "Turbolinux FUJI",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_multimedia",
      "@product": "Turbolinux Multimedia",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_personal",
      "@product": "Turbolinux Personal",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_server",
      "@product": "Turbolinux Server",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_wizpy",
      "@product": "wizpy",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "2.6",
    "@severity": "Low",
    "@type": "Base",
    "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2005-000601",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN23632449/index.html",
      "@id": "JVN#23632449",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2969",
      "@id": "CVE-2005-2969",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-2969",
      "@id": "CVE-2005-2969",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/17151/",
      "@id": "SA17151",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/15071",
      "@id": "15071",
      "@source": "BID"
    },
    {
      "#text": "http://www.securiteam.com/securitynews/6Y00D0AEBW.html",
      "@id": "6Y00D0AEBW",
      "@source": "SECTEAM"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2005/2036",
      "@id": "FrSIRT/ADV-2005-2036",
      "@source": "FRSIRT"
    }
  ],
  "title": "OpenSSL version rollback vulnerability"
}

JVNDB-2005-000727

Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2014-05-22 18:03

Severity ?

N/A (UNKNOWN) - -

Summary

mod_imap cross-site scripting vulnerability

Details

The "mod_imap" and "mod_imagemap" modules of the Apache HTTP Server are used for implementing server-side image map processing. mod_imap and mod_imagemap are affected by a cross-site scripting vulnerability when referer values are used in an image map in such a way that they do not handle HTTP_REFERER properly.

References

Type

URL

	JVN	http://jvn.jp/en/jp/JVN06045169/index.html
	JVNTR	https://jvn.jp/en/tr/TRTA08-079A/index.html
	JVNTR	https://jvn.jp/en/tr/TRTA08-150A/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352
	NVD	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-3352
	CERT-SA	http://www.us-cert.gov/cas/alerts/SA08-079A.html
	CERT-SA	http://www.us-cert.gov/cas/alerts/SA08-150A.html
	CERT-TA	http://www.us-cert.gov/cas/techalerts/TA08-079A.html
	CERT-TA	http://www.us-cert.gov/cas/techalerts/TA08-150A.html
	BID	http://www.securityfocus.com/bid/15834

Impacted products

Vendor

Product

	Apache Software Foundation	Apache HTTP Server
	Hitachi, Ltd	Cosminexus Application Server Enterprise
	Hitachi, Ltd	Cosminexus Application Server Standard
	Hitachi, Ltd	Cosminexus Application Server Version 5
	Hitachi, Ltd	Cosminexus Developer Light Version 6
	Hitachi, Ltd	Cosminexus Developer Professional Version 6
	Hitachi, Ltd	Cosminexus Developer Standard Version 6
	Hitachi, Ltd	Cosminexus Developer Version 5
	Hitachi, Ltd	Cosminexus Server - Enterprise Edition
	Hitachi, Ltd	Cosminexus Server - Standard Edition
	Hitachi, Ltd	Cosminexus Server - Standard Edition Version 4
	Hitachi, Ltd	Cosminexus Server - Web Edition
	Hitachi, Ltd	Cosminexus Server - Web Edition Version 4
	Hitachi, Ltd	Hitachi Web Server
	Hitachi, Ltd	uCosminexus Application Server Enterprise
	Hitachi, Ltd	uCosminexus Application Server Smart Edition
	Hitachi, Ltd	uCosminexus Application Server Standard
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Developer Light
	Hitachi, Ltd	uCosminexus Developer Standard
	Hitachi, Ltd	uCosminexus Service Architect
	Hitachi, Ltd	uCosminexus Service Platform
	IBM Corporation	IBM HTTP Server
	Oracle Corporation	Oracle HTTP Server
	Apple Inc.	Apple Mac OS X
	Apple Inc.	Apple Mac OS X Server
	Hewlett-Packard Development Company,L.P	HP-UX
	Cybertrust Japan Co., Ltd.	Asianux Server
	Red Hat, Inc.	Red Hat Enterprise Linux
	Red Hat, Inc.	Red Hat Linux Advanced Workstation
	Sun Microsystems, Inc.	Sun Solaris
	Turbolinux, Inc.	Turbolinux
	Turbolinux, Inc.	Turbolinux Desktop
	Turbolinux, Inc.	Turbolinux FUJI
	Turbolinux, Inc.	Turbolinux Home
	Turbolinux, Inc.	Turbolinux Multimedia
	Turbolinux, Inc.	Turbolinux Personal
	Turbolinux, Inc.	Turbolinux Server

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000727.html",
  "dc:date": "2014-05-22T18:03+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2014-05-22T18:03+09:00",
  "description": "The \"mod_imap\" and \"mod_imagemap\" modules of the Apache HTTP Server are used for implementing server-side image map processing.\r\nmod_imap and mod_imagemap are affected by a cross-site scripting vulnerability when referer values are used in an image map in such a way that they do not handle HTTP_REFERER properly.",
  "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000727.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:apache:http_server",
      "@product": "Apache HTTP Server",
      "@vendor": "Apache Software Foundation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
      "@product": "Cosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_standard",
      "@product": "Cosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5",
      "@product": "Cosminexus Application Server Version 5",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
      "@product": "Cosminexus Developer Light Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
      "@product": "Cosminexus Developer Professional Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
      "@product": "Cosminexus Developer Standard Version 6",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer_version_5",
      "@product": "Cosminexus Developer Version 5",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition",
      "@product": "Cosminexus Server - Enterprise Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition",
      "@product": "Cosminexus Server - Standard Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
      "@product": "Cosminexus Server - Standard Edition Version 4",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition",
      "@product": "Cosminexus Server - Web Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
      "@product": "Cosminexus Server - Web Edition Version 4",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_web_server",
      "@product": "Hitachi Web Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
      "@product": "uCosminexus Application Server Enterprise",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_smart_edition",
      "@product": "uCosminexus Application Server Smart Edition",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard",
      "@product": "uCosminexus Application Server Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_light",
      "@product": "uCosminexus Developer Light",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer_standard",
      "@product": "uCosminexus Developer Standard",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_architect",
      "@product": "uCosminexus Service Architect",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service_platform",
      "@product": "uCosminexus Service Platform",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:ibm:http_server",
      "@product": "IBM HTTP Server",
      "@vendor": "IBM Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:oracle:http_server",
      "@product": "Oracle HTTP Server",
      "@vendor": "Oracle Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:apple:mac_os_x",
      "@product": "Apple Mac OS X",
      "@vendor": "Apple Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:apple:mac_os_x_server",
      "@product": "Apple Mac OS X Server",
      "@vendor": "Apple Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:hp:hp-ux",
      "@product": "HP-UX",
      "@vendor": "Hewlett-Packard Development Company,L.P",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:miraclelinux_asianux_server",
      "@product": "Asianux Server",
      "@vendor": "Cybertrust Japan Co., Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:enterprise_linux",
      "@product": "Red Hat Enterprise Linux",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:redhat:linux_advanced_workstation",
      "@product": "Red Hat Linux Advanced Workstation",
      "@vendor": "Red Hat, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:sun:solaris",
      "@product": "Sun Solaris",
      "@vendor": "Sun Microsystems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux",
      "@product": "Turbolinux",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_desktop",
      "@product": "Turbolinux Desktop",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_fuji",
      "@product": "Turbolinux FUJI",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_home",
      "@product": "Turbolinux Home",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_multimedia",
      "@product": "Turbolinux Multimedia",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_personal",
      "@product": "Turbolinux Personal",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:turbolinux:turbolinux_server",
      "@product": "Turbolinux Server",
      "@vendor": "Turbolinux, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2005-000727",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN06045169/index.html",
      "@id": "JVN#06045169",
      "@source": "JVN"
    },
    {
      "#text": "https://jvn.jp/en/tr/TRTA08-079A/index.html",
      "@id": "TRTA08-079A",
      "@source": "JVNTR"
    },
    {
      "#text": "https://jvn.jp/en/tr/TRTA08-150A/index.html",
      "@id": "TRTA08-150A",
      "@source": "JVNTR"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352",
      "@id": "CVE-2005-3352",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-3352",
      "@id": "CVE-2005-3352",
      "@source": "NVD"
    },
    {
      "#text": "http://www.us-cert.gov/cas/alerts/SA08-079A.html",
      "@id": "SA08-079A",
      "@source": "CERT-SA"
    },
    {
      "#text": "http://www.us-cert.gov/cas/alerts/SA08-150A.html",
      "@id": "SA08-150A",
      "@source": "CERT-SA"
    },
    {
      "#text": "http://www.us-cert.gov/cas/techalerts/TA08-079A.html",
      "@id": "TA08-079A",
      "@source": "CERT-TA"
    },
    {
      "#text": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html",
      "@id": "TA08-150A",
      "@source": "CERT-TA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/15834",
      "@id": "15834",
      "@source": "BID"
    }
  ],
  "title": "mod_imap cross-site scripting vulnerability"
}

JVNDB-2007-001133

Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00

Severity ?

N/A (UNKNOWN) - -

Summary

Cosminexus Component Container Session Handling Vulnerability

Details

The session failover function in Cosminexus Component Container may fail to handle session information properly and allow one user's session data to be used as aonther user's session data.

References

Type

URL

	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4124
	NVD	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4124
	SECUNIA	http://secunia.com/advisories/26250
	BID	http://www.securityfocus.com/bid/25145
	XF	http://xforce.iss.net/xforce/xfdb/35706
	FRSIRT	http://www.frsirt.com/english/advisories/2007/2725

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus Application Server
	Hitachi, Ltd	Cosminexus Collaboration
	Hitachi, Ltd	Cosminexus Component Container
	Hitachi, Ltd	Cosminexus Developer
	Hitachi, Ltd	Cosminexus ERP Integrator
	Hitachi, Ltd	Cosminexus/OpenTP1
	Hitachi, Ltd	Electronic Form Workflow
	Hitachi, Ltd	Groupmax Collaboration
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Collaboration
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus ERP Integrator
	Hitachi, Ltd	uCosminexus/OpenTP1
	Hitachi, Ltd	uCosminexus Service

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-001133.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "The session failover function in Cosminexus Component Container may fail to handle session information properly and allow one user\u0027s session data to be used as aonther user\u0027s session data.",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-001133.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server",
      "@product": "Cosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_collaboration",
      "@product": "Cosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_component_container",
      "@product": "Cosminexus Component Container",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_erp_integrator",
      "@product": "Cosminexus ERP Integrator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_opentp1",
      "@product": "Cosminexus/OpenTP1",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:electronic_form_workflow",
      "@product": "Electronic Form Workflow",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:groupmax_collaboration",
      "@product": "Groupmax Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_collaboration",
      "@product": "uCosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_erp_integrator",
      "@product": "uCosminexus ERP Integrator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_opentp1",
      "@product": "uCosminexus/OpenTP1 ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.9",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-001133",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4124",
      "@id": "CVE-2007-4124",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4124",
      "@id": "CVE-2007-4124",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/26250",
      "@id": "SA26250",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/25145",
      "@id": "25145",
      "@source": "BID"
    },
    {
      "#text": "http://xforce.iss.net/xforce/xfdb/35706",
      "@id": "35706",
      "@source": "XF"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/2725",
      "@id": "FrSIRT/ADV-2007-2725",
      "@source": "FRSIRT"
    }
  ],
  "title": "Cosminexus Component Container Session Handling Vulnerability"
}

JVNDB-2007-000297

Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-07-11 13:47

Severity ?

N/A (UNKNOWN) - -

Summary

Apache Tomcat Accept-Language Header Cross-Site Scripting Vulnerability

Details

Apache Tomcat from the Apache Software Foundation contains a cross-site scripting vulnerability in the Accept-Language header handling. Apache Tomcat from the Apache Software Foundation is an implementation of the Java Servlet and JavaServer Page (JSP) technologies. Apache Tomcat contains a cross-site scripting vulnerability. It occurs when the value of the Accept-Language header sent from a client is non-standard. The vendor has confirmed that this vulnerability occurs when an outdated version of Flash is used.

References

Type

URL

	JVN	http://jvn.jp/en/jp/JVN16535199/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358
	NVD	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1358
	SECUNIA	http://secunia.com/advisories/25721
	BID	http://www.securityfocus.com/bid/24524
	SECTRACK	http://www.securitytracker.com/id?1018269
	FRSIRT	http://www.frsirt.com/english/advisories/2007/1729
	Cross-site Scripting(CWE-79)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Apache Software Foundation	Apache Tomcat
	FUJITSU	Interstage Application Framework Suite
	FUJITSU	Interstage Application Server
	FUJITSU	Interstage Apworks
	FUJITSU	Interstage Business Application Server
	FUJITSU	Interstage Job Workload Server
	FUJITSU	Interstage Web Server
	Hitachi, Ltd	Cosminexus Application Server
	Hitachi, Ltd	Cosminexus Developer
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus Service
	NEC Corporation	WebOTX Application Server
	Apple Inc.	Apple Mac OS X Server
	Hewlett-Packard Development Company,L.P	HP-UX
	Cybertrust Japan Co., Ltd.	Asianux Server
	Sun Microsystems, Inc.	Sun Solaris

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000297.html",
  "dc:date": "2008-07-11T13:47+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-07-11T13:47+09:00",
  "description": "Apache Tomcat from the Apache Software Foundation contains a cross-site scripting vulnerability in the Accept-Language header handling.\r\n\r\nApache Tomcat from the Apache Software Foundation is an implementation of the Java Servlet and JavaServer Page (JSP) technologies.\r\n\r\nApache Tomcat contains a cross-site scripting vulnerability. It occurs when the value of the Accept-Language header sent from a client is non-standard.\r\n\r\nThe vendor has confirmed that this vulnerability occurs when an outdated version of Flash is used.",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000297.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:apache:tomcat",
      "@product": "Apache Tomcat",
      "@vendor": "Apache Software Foundation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_application_framework_suite",
      "@product": "Interstage Application Framework Suite",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_application_server",
      "@product": "Interstage Application Server",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_apworks",
      "@product": "Interstage Apworks",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_business_application_server",
      "@product": "Interstage Business Application Server",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_job_workload_server",
      "@product": "Interstage Job Workload Server",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:fujitsu:interstage_web_server",
      "@product": "Interstage Web Server",
      "@vendor": "FUJITSU",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server",
      "@product": "Cosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:nec:webotx_application_server",
      "@product": "WebOTX Application Server",
      "@vendor": "NEC Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:apple:mac_os_x_server",
      "@product": "Apple Mac OS X Server",
      "@vendor": "Apple Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:hp:hp-ux",
      "@product": "HP-UX",
      "@vendor": "Hewlett-Packard Development Company,L.P",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:misc:miraclelinux_asianux_server",
      "@product": "Asianux Server",
      "@vendor": "Cybertrust Japan Co., Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:sun:solaris",
      "@product": "Sun Solaris",
      "@vendor": "Sun Microsystems, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000297",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN16535199/index.html",
      "@id": "JVN#16535199",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358",
      "@id": "CVE-2007-1358",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1358",
      "@id": "CVE-2007-1358",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/25721",
      "@id": "SA25721",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/24524",
      "@id": "24524",
      "@source": "BID"
    },
    {
      "#text": "http://www.securitytracker.com/id?1018269",
      "@id": "1018269",
      "@source": "SECTRACK"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/1729",
      "@id": "FrSIRT/ADV-2007-1729",
      "@source": "FRSIRT"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    }
  ],
  "title": "Apache Tomcat Accept-Language Header Cross-Site Scripting Vulnerability"
}

JVNDB-2007-000702

Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00

Severity ?

N/A (UNKNOWN) - -

Summary

Cosminexus Developer's Kit for Java Buffer Overflow and Denial of Service Vulnerabilities

Details

The image-processing APIs in Cosminexus Developer's Kit for Java is vulnerable to buffer overflow and a Denial od Service (DoS).

References

Type

URL

	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4758
	NVD	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4758
	SECUNIA	http://secunia.com/advisories/26538
	XF	http://xforce.iss.net/xforce/xfdb/36618
	FRSIRT	http://www.frsirt.com/english/advisories/2007/3034
	Buffer Errors(CWE-119)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Hitachi, Ltd	Cosminexus Application Server
	Hitachi, Ltd	Cosminexus Client
	Hitachi, Ltd	Cosminexus Collaboration
	Hitachi, Ltd	Cosminexus Developer
	Hitachi, Ltd	Cosminexus Developer's Kit for Java(TM)
	Hitachi, Ltd	Cosminexus ERP Integrator
	Hitachi, Ltd	Cosminexus/OpenTP1
	Hitachi, Ltd	Cosminexus Server
	Hitachi, Ltd	Cosminexus Studio
	Hitachi, Ltd	Electronic Form Workflow
	Hitachi, Ltd	Groupmax Collaboration
	Hitachi, Ltd	Hitachi Developer's Kit for Java
	Hitachi, Ltd	Processing Kit for XML
	Hitachi, Ltd	uCosminexus Application Server
	Hitachi, Ltd	uCosminexus Client
	Hitachi, Ltd	uCosminexus Collaboration
	Hitachi, Ltd	uCosminexus Developer
	Hitachi, Ltd	uCosminexus ERP Integrator
	Hitachi, Ltd	uCosminexus/OpenTP1
	Hitachi, Ltd	uCosminexus Operator
	Hitachi, Ltd	uCosminexus Service

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000702.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "The image-processing APIs in Cosminexus Developer\u0027s Kit for Java is vulnerable to buffer overflow and a Denial od Service (DoS).",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000702.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:hitachi:cosminexus_application_server",
      "@product": "Cosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_client",
      "@product": "Cosminexus Client ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_collaboration",
      "@product": "Cosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developer",
      "@product": "Cosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_developers_kit_for_java",
      "@product": "Cosminexus Developer\u0027s Kit for Java(TM)",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_erp_integrator",
      "@product": "Cosminexus ERP Integrator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_opentp1",
      "@product": "Cosminexus/OpenTP1",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_server",
      "@product": "Cosminexus Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:cosminexus_studio",
      "@product": "Cosminexus Studio",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:electronic_form_workflow",
      "@product": "Electronic Form Workflow",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:groupmax_collaboration",
      "@product": "Groupmax Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:hitachi_developers_kit_for_java",
      "@product": "Hitachi Developer\u0027s Kit for Java",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:processing_kit_for_xml",
      "@product": "Processing Kit for XML",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_application_server",
      "@product": "uCosminexus Application Server",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_client",
      "@product": "uCosminexus Client",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_collaboration",
      "@product": "uCosminexus Collaboration",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_developer",
      "@product": "uCosminexus Developer",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_erp_integrator",
      "@product": "uCosminexus ERP Integrator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_opentp1",
      "@product": "uCosminexus/OpenTP1 ",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_operator",
      "@product": "uCosminexus Operator",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:ucosminexus_service",
      "@product": "uCosminexus Service",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "7.5",
    "@severity": "High",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000702",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4758",
      "@id": "CVE-2007-4758",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4758",
      "@id": "CVE-2007-4758",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/26538",
      "@id": "SA26538",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://xforce.iss.net/xforce/xfdb/36618",
      "@id": "36618",
      "@source": "XF"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/3034",
      "@id": "FrSIRT/ADV-2007-3034",
      "@source": "FRSIRT"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-119",
      "@title": "Buffer Errors(CWE-119)"
    }
  ],
  "title": "Cosminexus Developer\u0027s Kit for Java Buffer Overflow and Denial of Service Vulnerabilities"
}

Search criteria

36 vulnerabilities found for uCosminexus Developer by Hitachi, Ltd