CVE-2007-5810

EPSS 0.22%
Published 05.11.2007 17:46:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature.

Affected products Warnungen 0 Metrics 2 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Hitachi ≫ Cosminexus Application Server Enterprise Version <= 06_51_j

Hitachi ≫ Cosminexus Application Server Standard Version <= 06_51_j

Hitachi ≫ Cosminexus Developer Light Version 6 Version <= 06_51_j

Hitachi ≫ Cosminexus Developer Professional Version 6 Version <= 06_51_j

Hitachi ≫ Cosminexus Developer Standard Version 6 Version <= 06_51_j

Hitachi ≫ Cosminexus Server Version <= 04_01

Hitachi ≫ Ucosminexus Application Server Enterprise Version <= 07_50_01

Hitachi ≫ Ucosminexus Application Server Standard Version <= 07_50_01

Hitachi ≫ Ucosminexus Developer Light Version <= 06_71_d

Hitachi ≫ Ucosminexus Developer Professional Version <= 07_50_01

Hitachi ≫ Ucosminexus Developer Standard Version <= 07_50_01

Hitachi ≫ Ucosminexus Service Architect Version <= 07_50_01

Hitachi ≫ Ucosminexus Service Platform Version <= 07_50_01

Hitachi ≫ Web Server Version01_00 Editionhpux

Hitachi ≫ Web Server Version01_00 Editionsolaris

Hitachi ≫ Web Server Version01_01 Editionaix

Hitachi ≫ Web Server Version01_01 Editionlinux

Hitachi ≫ Web Server Version01_01 Editionturbolinux

Hitachi ≫ Web Server Version01_01_d Editionlinux

Hitachi ≫ Web Server Version01_02_d Editionhpux

Hitachi ≫ Web Server Version01_02_d Editionsolaris

Hitachi ≫ Web Server Version01_02_e Editionaix

Hitachi ≫ Web Server Version02_00 Editionaix

Hitachi ≫ Web Server Version02_00 Editionhpux

Hitachi ≫ Web Server Version02_00 Editionlinux

Hitachi ≫ Web Server Version02_00 Editionsolaris

Hitachi ≫ Web Server Version02_00 Editionturbolinux

Hitachi ≫ Web Server Version02_00 Editionwindows

Hitachi ≫ Web Server Version02_00_a Editionlinux

Hitachi ≫ Web Server Version02_02 Editionhpux

Hitachi ≫ Web Server Version02_02 Editionlinux

Hitachi ≫ Web Server Version02_04_b Editionaix

Hitachi ≫ Web Server Version02_04_b Editionhpux

Hitachi ≫ Web Server Version02_04_b Editionsolaris

Hitachi ≫ Web Server Version02_04_b Editionwindows

Hitachi ≫ Web Server Version02_06_a Editionlinux

Hitachi ≫ Web Server Version03_00 Editionaix

Hitachi ≫ Web Server Version03_00 Editionlinux

Hitachi ≫ Web Server Version03_00 Editionwindows

Hitachi ≫ Web Server Version03_00_01 Editionsolaris

Hitachi ≫ Web Server Version03_00_01 Editionwindows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.22%	0.411

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/27421

Patch

Vendor Advisory

http://www.securityfocus.com/bid/26271

http://www.vupen.com/english/advisories/2007/3666

http://osvdb.org/42026

http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html

Patch

https://nvd.nist.gov/vuln/detail/CVE-2007-5810

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-5810

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-5810

EUVD