Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4564

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2007-4564
Last Modified 15 Nov 2008 01:57:33
Published 27 Aug 2007 09:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-4564

Summary

Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user's group permissions to logical user server processes, which allows local users to gain privileges.

Vulnerable Systems

Application

  • Hitachi Cosminexus Application Server Enterprise 06 50

  • Hitachi Cosminexus Application Server Enterprise 06 50 B

  • Hitachi Cosminexus Application Server Enterprise 06 50 C

  • Hitachi Cosminexus Application Server Enterprise 06 50 C 1

  • Hitachi Cosminexus Application Server Enterprise 06 50 E 1

  • Hitachi Cosminexus Application Server Enterprise 06 50 F

  • Hitachi Cosminexus Application Server Enterprise 06 51

  • Hitachi Cosminexus Application Server Enterprise 06 51 B 1

  • Hitachi Cosminexus Application Server Enterprise 06 51 C

  • Hitachi Cosminexus Application Server Standard 06 50

  • Hitachi Cosminexus Application Server Standard 06 50 B

  • Hitachi Cosminexus Application Server Standard 06 50 C

  • Hitachi Cosminexus Application Server Standard 06 50 C 1

  • Hitachi Cosminexus Application Server Standard 06 50 E 1

  • Hitachi Cosminexus Application Server Standard 06 50 F

  • Hitachi Cosminexus Application Server Standard 06 51

  • Hitachi Cosminexus Application Server Standard 06 51 B 1

  • Hitachi Cosminexus Application Server Standard 06 51 C

  • Hitachi Electronic Form Workflow - Standard Set 07 00

  • Hitachi Electronic Form Workflow - Standard Set 07 00 B

  • Hitachi Electronic Form Workflow -professional Library Set 07 00

  • Hitachi Electronic Form Workflow -professional Library Set 07 00 B

  • Hitachi Ucosminexus Application Server Enterprise 06 70

  • Hitachi Ucosminexus Application Server Enterprise 06 70 A

  • Hitachi Ucosminexus Application Server Enterprise 06 70 B

  • Hitachi Ucosminexus Application Server Enterprise 06 70 B 1

  • Hitachi Ucosminexus Application Server Enterprise 06 70 D

  • Hitachi Ucosminexus Application Server Enterprise 06 70 G

  • Hitachi Ucosminexus Application Server Enterprise 06 71

  • Hitachi Ucosminexus Application Server Enterprise 06 71 B

  • Hitachi Ucosminexus Application Server Enterprise 06 71 C

  • Hitachi Ucosminexus Application Server Enterprise 06 72 1

  • Hitachi Ucosminexus Application Server Enterprise 06 72 B

  • Hitachi Ucosminexus Application Server Enterprise 06 72 G

  • Hitachi Ucosminexus Application Server Enterprise 07 00

  • Hitachi Ucosminexus Application Server Enterprise 07 00 12

  • Hitachi Ucosminexus Application Server Enterprise 07 10

  • Hitachi Ucosminexus Application Server Enterprise 07 10 06

  • Hitachi Ucosminexus Application Server Enterprise 07 10 08

  • Hitachi Ucosminexus Application Server Enterprise 07 10 1

  • Hitachi Ucosminexus Application Server Enterprise 07-00-01

  • Hitachi Ucosminexus Application Server Standard 06 70

  • Hitachi Ucosminexus Application Server Standard 06 70 A

  • Hitachi Ucosminexus Application Server Standard 06 70 B

  • Hitachi Ucosminexus Application Server Standard 06 70 B 1

  • Hitachi Ucosminexus Application Server Standard 06 70 C

  • Hitachi Ucosminexus Application Server Standard 06 70 D

  • Hitachi Ucosminexus Application Server Standard 06 71

  • Hitachi Ucosminexus Application Server Standard 06 71 B

  • Hitachi Ucosminexus Application Server Standard 06 72 1

  • Hitachi Ucosminexus Application Server Standard 06 72 B 1

  • Hitachi Ucosminexus Application Server Standard 06 72 C

  • Hitachi Ucosminexus Application Server Standard 06 72 D

  • Hitachi Ucosminexus Application Server Standard 06 72 G

  • Hitachi Ucosminexus Application Server Standard 07 00

  • Hitachi Ucosminexus Application Server Standard 07 00 1

  • Hitachi Ucosminexus Application Server Standard 07 10

  • Hitachi Ucosminexus Service Platform 07 00

  • Hitachi Ucosminexus Service Platform 07 10


References

SECUNIA - 26589

XF - cosminexus-group-security-bypass(36245)

BID - 25434

CONFIRM - http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html

OSVDB - 37855


Last Updated: 27 May 2016 10:45:54