Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5810

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-5810
Last Modified 07 Mar 2011 10:01:20
Published 05 Nov 2007 12:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5810

Summary

Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature.

Vulnerable Systems

Application

  • Hitachi Cosminexus Application Server Enterprise 06 51 J

  • Hitachi Cosminexus Application Server Standard 06 51 J

  • Hitachi Cosminexus Developer Light Version 6 06 51 J

  • Hitachi Cosminexus Developer Professional Version 6 06 51 J

  • Hitachi Cosminexus Developer Standard Version 6 06 51 J

  • Hitachi Cosminexus Server 04 01

  • Hitachi Ucosminexus Application Server Enterprise 07 50 01

  • Hitachi Ucosminexus Application Server Standard 07 50 01

  • Hitachi Ucosminexus Developer Light 06 71 D

  • Hitachi Ucosminexus Developer Professional 07 50 01

  • Hitachi Ucosminexus Developer Standard 07 50 01

  • Hitachi Ucosminexus Service Architect 07 50 01

  • Hitachi Ucosminexus Service Platform 07 50 01

  • Hitachi Web Server 01 00

  • Hitachi Web Server 01 01

  • Hitachi Web Server 01 01 D

  • Hitachi Web Server 01 02 D

  • Hitachi Web Server 01 02 E

  • Hitachi Web Server 02 00

  • Hitachi Web Server 02 00 A

  • Hitachi Web Server 02 02

  • Hitachi Web Server 02 04 B

  • Hitachi Web Server 02 06 A

  • Hitachi Web Server 03 00

  • Hitachi Web Server 03 00 01


References

CONFIRM - http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html

SECUNIA - 27421

VUPEN - ADV-2007-3666

OSVDB - 42026

BID - 26271


Last Updated: 27 May 2016 10:46:17