CVE-2007-5282

Hitachi Cosminexus Agent 03-00 through 03-05, and Cosminexus Library Standard and Web Edition 04-00 and 04-01, might allow remote attackers to cause a denial of service (agent process crash) via invalid data from clients other than Cosminexus Manager.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/27074	Vendor Advisory
http://www.hitachi-support.com/security_e/vuls_e/HS07-033_e/index-e.html
http://www.securityfocus.com/bid/25937
http://www.vupen.com/english/advisories/2007/3377
https://exchange.xforce.ibmcloud.com/vulnerabilities/36966
http://secunia.com/advisories/27074	Vendor Advisory
http://www.hitachi-support.com/security_e/vuls_e/HS07-033_e/index-e.html
http://www.securityfocus.com/bid/25937
http://www.vupen.com/english/advisories/2007/3377
https://exchange.xforce.ibmcloud.com/vulnerabilities/36966

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:hitachi:cosminexus_agent:03_00:::::::*
	cpe:2.3:a:hitachi:cosminexus_agent:03_01:::::::*
	cpe:2.3:a:hitachi:cosminexus_agent:03_02:::::::*
	cpe:2.3:a:hitachi:cosminexus_agent:03_03:::::::*
	cpe:2.3:a:hitachi:cosminexus_agent:03_04:::::::*
	cpe:2.3:a:hitachi:cosminexus_agent:03_05:::::::*
	cpe:2.3:a:hitachi:cosminexus_library_standard:04_00:::::::*
	cpe:2.3:a:hitachi:cosminexus_library_standard:04_01:::::::*
	cpe:2.3:a:hitachi:cosminexus_library_web:04_00:::::::*
	cpe:2.3:a:hitachi:cosminexus_library_web:04_01:::::::*

History

21 Nov 2024, 00:37

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/27074 - Vendor Advisory~~	() http://secunia.com/advisories/27074 - Vendor Advisory
References	~~() http://www.hitachi-support.com/security_e/vuls_e/HS07-033_e/index-e.html -~~	() http://www.hitachi-support.com/security_e/vuls_e/HS07-033_e/index-e.html -
References	~~() http://www.securityfocus.com/bid/25937 -~~	() http://www.securityfocus.com/bid/25937 -
References	~~() http://www.vupen.com/english/advisories/2007/3377 -~~	() http://www.vupen.com/english/advisories/2007/3377 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/36966 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/36966 -

Information

Published : 2007-10-09 00:17

Updated : 2025-04-09 00:30

NVD link : CVE-2007-5282

Mitre link : CVE-2007-5282

CVE.ORG link : CVE-2007-5282

JSON object : View

Products Affected

hitachi

cosminexus_agent
cosminexus_library_web
cosminexus_library_standard

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2007-5282", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-10-09T00:17:00.000", "references": [{"url": "http://secunia.com/advisories/27074", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-033_e/index-e.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/25937", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/3377", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36966", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/27074", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-033_e/index-e.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/25937", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/3377", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36966", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Hitachi Cosminexus Agent 03-00 through 03-05, and Cosminexus Library Standard and Web Edition 04-00 and 04-01, might allow remote attackers to cause a denial of service (agent process crash) via invalid data from clients other than Cosminexus Manager."}, {"lang": "es", "value": "Hitachi Cosminexus Agent 03-00 hasta 03-05, y Cosminexus Library Standard y Web Edition 04-00 y 04-01, podr\u00eda permitir a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del proceso agente) mediante informaci\u00f3n inv\u00e1lida de otros clientes que no son Cosminexus Manager."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hitachi:cosminexus_agent:03_00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECB31017-2FF5-42E4-8F7D-51CADF658354"}, {"criteria": "cpe:2.3:a:hitachi:cosminexus_agent:03_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56531CA2-07C7-4544-B29C-D1464FD034F3"}, {"criteria": "cpe:2.3:a:hitachi:cosminexus_agent:03_02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B3691C7-0D0F-46EB-9DC4-34C163E28441"}, {"criteria": "cpe:2.3:a:hitachi:cosminexus_agent:03_03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1483813-B2CF-40F2-8728-D63202664D6B"}, {"criteria": "cpe:2.3:a:hitachi:cosminexus_agent:03_04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32393C3C-FDDF-4009-B084-6CE26C52E184"}, {"criteria": "cpe:2.3:a:hitachi:cosminexus_agent:03_05:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AF2BCDE-0BBC-4166-8954-33746908DFD6"}, {"criteria": "cpe:2.3:a:hitachi:cosminexus_library_standard:04_00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "111C1A43-C1E7-4E97-B96B-AC66ABA8E2A8"}, {"criteria": "cpe:2.3:a:hitachi:cosminexus_library_standard:04_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "163D511F-063C-4ACB-8F5B-5728F561AC7D"}, {"criteria": "cpe:2.3:a:hitachi:cosminexus_library_web:04_00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "135C3B93-E9A7-439F-A53A-9FFA700B50FF"}, {"criteria": "cpe:2.3:a:hitachi:cosminexus_library_web:04_01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41165BEE-9618-4BD2-9EB4-0C86717A39C7"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

4.3 /10