Vulnerability in Hitachi Cosminexus_application_server_enterprise
CVE-2007-4563
Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user's group permissions to logical J2EE server processes, which allows local users to gain privileges.
EPSS: 0.003 (20.0th percentile) — read the EPSS interpretation.
Affected products
- Hitachi Cosminexus_application_server_enterprise — versions 06_50, 06_50_b, 06_50_c
- Hitachi Cosminexus_application_server_standard — versions 06_50, 06_50_b, 06_50_c
- Hitachi Electronic_form_workflow_-professional_library_set — versions 07_00, 07_00_b
- Hitachi Electronic_form_workflow_-_standard_set — versions 07_00, 07_00_b
- Hitachi Ucosminexus_application_server_enterprise — versions 06_70, 06_70_a, 06_70_b
- Hitachi Ucosminexus_application_server_standard — versions 06_70, 06_70_a, 06_70_b
- Hitachi Ucosminexus_service_platform — versions 07_00, 07_10
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (x_refsource_CONFIRM, Patch)
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID)
- cve@mitre.org (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_XF)