PT-2007-6362 · Hitachi · Cosminexus Manager+3
Published
2007-10-09
·
Updated
2017-07-29
·
CVE-2007-5282
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions:
Hitachi Cosminexus Agent versions 03-00 through 03-05
Hitachi Cosminexus Library Standard and Web Edition versions 04-00 and 04-01
Description:
The issue might allow remote attackers to cause a denial of service, resulting in the agent process crash, via invalid data from clients other than Cosminexus Manager.
Recommendations:
For Hitachi Cosminexus Agent versions 03-00 through 03-05, consider restricting access to the agent process to minimize the risk of exploitation.
For Hitachi Cosminexus Library Standard and Web Edition versions 04-00 and 04-01, avoid using invalid data from clients other than Cosminexus Manager until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cosminexus Manager
Hitachi Cosminexus Agent
Hitachi Cosminexus Library Standard
Hitachi Cosminexus Library Web Edition