10 results (0.007 seconds)

CVSS: 5.9EPSS: 0%CPEs: 574EXPL: 0

The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15. La biblioteca Fujitsu TLS permite un ataque de tipo man-in-the-middle. Esto afecta a Interstage Application Development Cycle Manager versión V10 y otras versiones, Interstage Application Server versión V12 y otras versiones, Interstage Business Application Manager versión V2 y otras versiones, Interstage Information Integrator versión V11 y otras versiones, Interstage Job Workload Server versión V8, Interstage List Works versión V10 y otras versiones , Interstage Studio versión V12 y otras versiones, Interstage Web Server Express versión V11, Linkexpress versión V5, Safeauthor versión V3, ServerView Resource Orchestrator versión V3, Systemwalker Cloud Business Service Management versión V1, Systemwalker Desktop Keeper versión V15, Systemwalker Desktop Patrol versión V15, Systemwalker IT Change Manager versión V14, Systemwalker Operation Manager versión V16 y otras versiones, Systemwalker Runbook Automation versión V15 y otras versiones, Systemwalker Security Control versión V1 y Systemwalker Software Configuration Manager versión V15. • https://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/interstage-systemwalker-tls-202001.html • CWE-326: Inadequate Encryption Strength •

CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0

Buffer overflow in the Interstage HTTP Server log functionality, as used in Fujitsu Interstage Application Server 9.0.0, 9.1.0, 9.2.0, 9.3.1, and 10.0.0; and Interstage Studio 9.0.0, 9.1.0, 9.2.0, and 10.0.0, has unspecified impact and attack vectors related to "ihsrlog/rotatelogs." Desbordamiento de búfer en la funcionalidad Interstage HTTP Server log, tal como se utiliza en Fujitsu Interstage Application Server 9.0.0, 9.1.0, 9.2.0, 9.3.1 y 10.0.0, y Interstage Studio 9.0.0, 9.1.0, 9.2 0.0 y 10.0.0, tiene impacto y vectores de ataque no especificados relacionados con "ihsrlog / rotatelogs." • http://www.fujitsu.com/global/support/software/security/products-f/interstage-201302e.html http://www.securityfocus.com/bid/63929 http://www.securitytracker.com/id/1029398 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.4EPSS: 0%CPEs: 19EXPL: 0

Unspecified vulnerability in the Servlet service in Fujitsu Limited Interstage Application Server 3.0 through 7.0, as used in Interstage Application Framework Suite, Interstage Business Application Server, and Interstage List Manager, allows attackers to obtain sensitive information or force invalid requests to be processed via unknown vectors related to unspecified invalid requests and settings on the load balancing device. Vulnerabilidad sin especificar en el servicio Servlet en Fujitsu Limited Interstage Application Server v3.0 hasta v7.0, como el usado en Interstage Application Framework Suite, Interstage Business Application Server y Interstage List Manager, permite a atacantes obtener información sensible o forzar peticiones no válidas para ser procesadas a través de vectores desconocidos relacionados con peticiones no válidas sin especificar y características en el dispositivo de balanceo de carga. • http://jvn.jp/en/jp/JVN90248889/index.html http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000018.html http://osvdb.org/64703 http://secunia.com/advisories/39803 http://software.fujitsu.com/jp/security/vulnerabilities/jvn-90248889.html http://www.fujitsu.com/global/support/software/security/products-f/interstage-201001e.html http://www.securityfocus.com/bid/40189 http://www.vupen.com/english/advisories/2010/1165 https://exchange.xforce.ibmcloud.com/vulnerabilities/58634 •

CVSS: 5.0EPSS: 0%CPEs: 24EXPL: 0

Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used in Interstage Application Server 5.0, 7.0, 7.0.1, and 8.0.0 for Windows, allows attackers to cause a denial of service via a crafted request. Vulnerabilidad no especificada en Fujitsu Interstage HTTP Server, como el que se usa en Interstage Application Server v5.0, v7.0, v7.0.1 y v8.0.0 para Windows, permite a los atacantes provocar una denegación de servicio a través de una solicitud manipulada. • http://secunia.com/advisories/28606 http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html http://www.securityfocus.com/bid/27391 http://www.vupen.com/english/advisories/2008/0233 https://exchange.xforce.ibmcloud.com/vulnerabilities/39847 •

CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0

Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used in Interstage Application Server Enterprise Edition 7.0.1 for Solaris, allows attackers to cause a denial of service via unknown vectors related to SSL. Vulnerabilidad no especificada en Fujitsu Interstage HTTP Server, como el que se usa en Interstage Application Server Enterprise Edition v7.0.1 para Solaris, permite a los atacantes provocar una denegación de servicio a través de vectores desconocidos relacionados con SSL. • http://secunia.com/advisories/28606 http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html http://www.securityfocus.com/bid/27391 http://www.vupen.com/english/advisories/2008/0233 https://exchange.xforce.ibmcloud.com/vulnerabilities/39848 •