Improper input validation in Hitachi Cosminexus_application_server_enterprise
CVE-2007-5810
Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signat…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.008 (51.2th percentile) — read the EPSS interpretation.
Affected products
- Hitachi Cosminexus_application_server_enterprise
- Hitachi Cosminexus_application_server_standard
- Hitachi Cosminexus_developer_light_version_6
- Hitachi Cosminexus_developer_professional_version_6
- Hitachi Cosminexus_developer_standard_version_6
- Hitachi Cosminexus_server
- Hitachi Ucosminexus_application_server_enterprise
- Hitachi Ucosminexus_application_server_standard
- Hitachi Ucosminexus_developer_light
- Hitachi Ucosminexus_developer_professional
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (x_refsource_CONFIRM, Patch)
- cve@mitre.org (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)
- cve@mitre.org (vdb-entry, x_refsource_BID)