Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2007-4124

Опубликовано: 01 авг. 2007
Источник: nvd
CVSS2: 4.9
EPSS Низкий

Описание

The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user's session data, and possibly gain privileges.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hitachi:cosminexus_application_server:6:*:enterprise:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server:6:*:standard:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_collaboration_portal:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_developer:6:*:light:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_developer:6:*:professional:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_developer:6:*:standard:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_erp_integrator:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_opentp1_web_front-end_set:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:electronic_form_workflow:*:*:developer_client_set:*:*:*:*:*
cpe:2.3:a:hitachi:electronic_form_workflow:*:*:professional_library_set:*:*:*:*:*
cpe:2.3:a:hitachi:electronic_form_workflow:*:*:standard_set:*:*:*:*:*
cpe:2.3:a:hitachi:groupmax_collaboration_portal:*:*:server:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server:*:*:enterprise:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server:*:*:standard:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:*:*:server:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_developer:*:*:light:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_developer:*:*:professional:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_developer:*:*:standard:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_erp_integrator:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_opentp1_web_front-end_set:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_service_architect:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_service_platform:*:*:*:*:*:*:*:*

EPSS

Процентиль: 59%
0.00388
Низкий

4.9 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

github логотип

GHSA-hhp6-3f6p-xrjv

github
почти 4 года назад

The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user's session data, and possibly gain privileges.

EPSS

Процентиль: 59%
0.00388
Низкий

4.9 Medium

CVSS2

Дефекты

NVD-CWE-Other