// For flags

CVE-2007-4124

 

Severity Score

4.9
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user's session data, and possibly gain privileges.

La función de recuperación de sesión ante fallos en Cosminexus Component Container de Cosminexus 6, 6.7, y 7 anterior al 31/07/2007, como el usado en múltiples productos de Hitachi, puede utilizar información de la sesión para el usuario equivocado bajo ciertas condiciones no especificadas, lo cual podría permitir a usuarios autenticados remotos obtener información sensible, corromper la información de sesión de otros usuarios, y posiblemente obtener privilegios.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
Single
Confidentiality
Partial
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-08-01 CVE Reserved
  • 2007-08-01 CVE Published
  • 2024-07-12 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Hitachi
Search vendor "Hitachi"
Cosminexus Application Server
Search vendor "Hitachi" for product "Cosminexus Application Server"
6
Search vendor "Hitachi" for product "Cosminexus Application Server" and version "6"
enterprise
Affected
Hitachi
Search vendor "Hitachi"
Cosminexus Application Server
Search vendor "Hitachi" for product "Cosminexus Application Server"
6
Search vendor "Hitachi" for product "Cosminexus Application Server" and version "6"
standard
Affected
Hitachi
Search vendor "Hitachi"
Cosminexus Collaboration Portal
Search vendor "Hitachi" for product "Cosminexus Collaboration Portal"
*-
Affected
Hitachi
Search vendor "Hitachi"
Cosminexus Developer
Search vendor "Hitachi" for product "Cosminexus Developer"
6
Search vendor "Hitachi" for product "Cosminexus Developer" and version "6"
light
Affected
Hitachi
Search vendor "Hitachi"
Cosminexus Developer
Search vendor "Hitachi" for product "Cosminexus Developer"
6
Search vendor "Hitachi" for product "Cosminexus Developer" and version "6"
professional
Affected
Hitachi
Search vendor "Hitachi"
Cosminexus Developer
Search vendor "Hitachi" for product "Cosminexus Developer"
6
Search vendor "Hitachi" for product "Cosminexus Developer" and version "6"
standard
Affected
Hitachi
Search vendor "Hitachi"
Cosminexus Erp Integrator
Search vendor "Hitachi" for product "Cosminexus Erp Integrator"
*-
Affected
Hitachi
Search vendor "Hitachi"
Cosminexus Opentp1 Web Front-end Set
Search vendor "Hitachi" for product "Cosminexus Opentp1 Web Front-end Set"
*-
Affected
Hitachi
Search vendor "Hitachi"
Electronic Form Workflow
Search vendor "Hitachi" for product "Electronic Form Workflow"
*developer_client_set
Affected
Hitachi
Search vendor "Hitachi"
Electronic Form Workflow
Search vendor "Hitachi" for product "Electronic Form Workflow"
*professional_library_set
Affected
Hitachi
Search vendor "Hitachi"
Electronic Form Workflow
Search vendor "Hitachi" for product "Electronic Form Workflow"
*standard_set
Affected
Hitachi
Search vendor "Hitachi"
Groupmax Collaboration Portal
Search vendor "Hitachi" for product "Groupmax Collaboration Portal"
*server
Affected
Hitachi
Search vendor "Hitachi"
Ucosminexus Application Server
Search vendor "Hitachi" for product "Ucosminexus Application Server"
*enterprise
Affected
Hitachi
Search vendor "Hitachi"
Ucosminexus Application Server
Search vendor "Hitachi" for product "Ucosminexus Application Server"
*standard
Affected
Hitachi
Search vendor "Hitachi"
Ucosminexus Collaboration Portal
Search vendor "Hitachi" for product "Ucosminexus Collaboration Portal"
*server
Affected
Hitachi
Search vendor "Hitachi"
Ucosminexus Developer
Search vendor "Hitachi" for product "Ucosminexus Developer"
*light
Affected
Hitachi
Search vendor "Hitachi"
Ucosminexus Developer
Search vendor "Hitachi" for product "Ucosminexus Developer"
*professional
Affected
Hitachi
Search vendor "Hitachi"
Ucosminexus Developer
Search vendor "Hitachi" for product "Ucosminexus Developer"
*standard
Affected
Hitachi
Search vendor "Hitachi"
Ucosminexus Erp Integrator
Search vendor "Hitachi" for product "Ucosminexus Erp Integrator"
*-
Affected
Hitachi
Search vendor "Hitachi"
Ucosminexus Opentp1 Web Front-end Set
Search vendor "Hitachi" for product "Ucosminexus Opentp1 Web Front-end Set"
*-
Affected
Hitachi
Search vendor "Hitachi"
Ucosminexus Service Architect
Search vendor "Hitachi" for product "Ucosminexus Service Architect"
*-
Affected
Hitachi
Search vendor "Hitachi"
Ucosminexus Service Platform
Search vendor "Hitachi" for product "Ucosminexus Service Platform"
*-
Affected