CVE-2007-5810

CVSS V2 Medium 5 CVSS V3 None
Description
Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature.
Overview
  • CVE ID
  • CVE-2007-5810
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2007-11-05T17:46:00
  • Last Modified Date
  • 2011-03-08T03:01:20
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:*:*:*:*:*:*:*:* 1 OR 06_51_j
cpe:2.3:a:hitachi:cosminexus_application_server_standard:*:*:*:*:*:*:*:* 1 OR 06_51_j
cpe:2.3:a:hitachi:cosminexus_developer_light_version_6:*:*:*:*:*:*:*:* 1 OR 06_51_j
cpe:2.3:a:hitachi:cosminexus_developer_professional_version_6:*:*:*:*:*:*:*:* 1 OR 06_51_j
cpe:2.3:a:hitachi:cosminexus_developer_standard_version_6:*:*:*:*:*:*:*:* 1 OR 06_51_j
cpe:2.3:a:hitachi:cosminexus_server:*:*:*:*:*:*:*:* 1 OR 04_01
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:*:*:*:*:*:*:*:* 1 OR 07_50_01
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:*:*:*:*:*:*:*:* 1 OR 07_50_01
cpe:2.3:a:hitachi:ucosminexus_developer_light:*:*:*:*:*:*:*:* 1 OR 06_71_d
cpe:2.3:a:hitachi:ucosminexus_developer_professional:*:*:*:*:*:*:*:* 1 OR 07_50_01
cpe:2.3:a:hitachi:ucosminexus_developer_standard:*:*:*:*:*:*:*:* 1 OR 07_50_01
cpe:2.3:a:hitachi:ucosminexus_service_architect:*:*:*:*:*:*:*:* 1 OR 07_50_01
cpe:2.3:a:hitachi:ucosminexus_service_platform:*:*:*:*:*:*:*:* 1 OR 07_50_01
cpe:2.3:a:hitachi:web_server:01_00:*:hpux:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:01_00:*:solaris:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:01_01:*:aix:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:01_01:*:linux:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:01_01:*:turbolinux:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:01_01_d:*:linux:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:01_02_d:*:hpux:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:01_02_d:*:solaris:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:01_02_e:*:aix:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_00:*:aix:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_00:*:hpux:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_00:*:linux:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_00:*:solaris:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_00:*:turbolinux:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_00:*:windows:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_00_a:*:linux:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_02:*:hpux:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_02:*:hpux\(ipf\):*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_02:*:linux:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_04_b:*:aix:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_04_b:*:hpux:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_04_b:*:hpux\(ipf\):*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_04_b:*:solaris:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_04_b:*:windows:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:02_06_a:*:linux:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:03_00:*:aix:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:03_00:*:hpux\(ipf\):*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:03_00:*:linux:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:03_00:*:windows:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:03_00_01:*:solaris:*:*:*:*:* 1 OR
cpe:2.3:a:hitachi:web_server:03_00_01:*:windows:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:N/I:P/A:N
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • NONE
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • NONE
  • Base Score
  • 5
  • Severity
  • MEDIUM
  • Exploitability Score
  • 10
  • Impact Score
  • 2.9
History
Created Old Value New Value Data Type Notes
2022-05-10 11:02:09 Added to TrackCVE