CVE-2007-4124
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user's session data, and possibly gain privileges.
La función de recuperación de sesión ante fallos en Cosminexus Component Container de Cosminexus 6, 6.7, y 7 anterior al 31/07/2007, como el usado en múltiples productos de Hitachi, puede utilizar información de la sesión para el usuario equivocado bajo ciertas condiciones no especificadas, lo cual podría permitir a usuarios autenticados remotos obtener información sensible, corromper la información de sesión de otros usuarios, y posiblemente obtener privilegios.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-08-01 CVE Reserved
- 2007-08-01 CVE Published
- 2024-07-12 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
http://osvdb.org/37852 | Vdb Entry | |
http://www.securityfocus.com/bid/25145 | Vdb Entry | |
http://www.vupen.com/english/advisories/2007/2725 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/35706 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html | 2017-07-29 |
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/26250 | 2017-07-29 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Hitachi Search vendor "Hitachi" | Cosminexus Application Server Search vendor "Hitachi" for product "Cosminexus Application Server" | 6 Search vendor "Hitachi" for product "Cosminexus Application Server" and version "6" | enterprise |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Cosminexus Application Server Search vendor "Hitachi" for product "Cosminexus Application Server" | 6 Search vendor "Hitachi" for product "Cosminexus Application Server" and version "6" | standard |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Cosminexus Collaboration Portal Search vendor "Hitachi" for product "Cosminexus Collaboration Portal" | * | - |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Cosminexus Developer Search vendor "Hitachi" for product "Cosminexus Developer" | 6 Search vendor "Hitachi" for product "Cosminexus Developer" and version "6" | light |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Cosminexus Developer Search vendor "Hitachi" for product "Cosminexus Developer" | 6 Search vendor "Hitachi" for product "Cosminexus Developer" and version "6" | professional |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Cosminexus Developer Search vendor "Hitachi" for product "Cosminexus Developer" | 6 Search vendor "Hitachi" for product "Cosminexus Developer" and version "6" | standard |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Cosminexus Erp Integrator Search vendor "Hitachi" for product "Cosminexus Erp Integrator" | * | - |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Cosminexus Opentp1 Web Front-end Set Search vendor "Hitachi" for product "Cosminexus Opentp1 Web Front-end Set" | * | - |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Electronic Form Workflow Search vendor "Hitachi" for product "Electronic Form Workflow" | * | developer_client_set |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Electronic Form Workflow Search vendor "Hitachi" for product "Electronic Form Workflow" | * | professional_library_set |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Electronic Form Workflow Search vendor "Hitachi" for product "Electronic Form Workflow" | * | standard_set |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Groupmax Collaboration Portal Search vendor "Hitachi" for product "Groupmax Collaboration Portal" | * | server |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Ucosminexus Application Server Search vendor "Hitachi" for product "Ucosminexus Application Server" | * | enterprise |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Ucosminexus Application Server Search vendor "Hitachi" for product "Ucosminexus Application Server" | * | standard |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Ucosminexus Collaboration Portal Search vendor "Hitachi" for product "Ucosminexus Collaboration Portal" | * | server |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Ucosminexus Developer Search vendor "Hitachi" for product "Ucosminexus Developer" | * | light |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Ucosminexus Developer Search vendor "Hitachi" for product "Ucosminexus Developer" | * | professional |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Ucosminexus Developer Search vendor "Hitachi" for product "Ucosminexus Developer" | * | standard |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Ucosminexus Erp Integrator Search vendor "Hitachi" for product "Ucosminexus Erp Integrator" | * | - |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Ucosminexus Opentp1 Web Front-end Set Search vendor "Hitachi" for product "Ucosminexus Opentp1 Web Front-end Set" | * | - |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Ucosminexus Service Architect Search vendor "Hitachi" for product "Ucosminexus Service Architect" | * | - |
Affected
| ||||||
Hitachi Search vendor "Hitachi" | Ucosminexus Service Platform Search vendor "Hitachi" for product "Ucosminexus Service Platform" | * | - |
Affected
|