Vulnerability Details CVE-2007-4124
The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user's session data, and possibly gain privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.5%
CVSS Severity
CVSS v2 Score 4.9
References
- http://osvdb.org/37852
- http://secunia.com/advisories/26250
- http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html
- http://www.securityfocus.com/bid/25145
- http://www.vupen.com/english/advisories/2007/2725
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35706
- http://osvdb.org/37852
- http://secunia.com/advisories/26250
- http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html
- http://www.securityfocus.com/bid/25145
- http://www.vupen.com/english/advisories/2007/2725
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35706
Products affected by CVE-2007-4124
-
cpe:2.3:a:hitachi:cosminexus_application_server:6
-
cpe:2.3:a:hitachi:cosminexus_collaboration_portal:*
-
cpe:2.3:a:hitachi:cosminexus_developer:6
-
cpe:2.3:a:hitachi:cosminexus_erp_integrator:*
-
cpe:2.3:a:hitachi:cosminexus_opentp1_web_front-end_set:*
-
cpe:2.3:a:hitachi:electronic_form_workflow:*
-
cpe:2.3:a:hitachi:groupmax_collaboration_portal:*
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-70
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-70-/a
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-70-/e
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-70-/f
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-70-/g
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-70-/h
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-70-/l
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-70-/n
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-70-/o
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-70f
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-71
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-71-/f
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-71-/g
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-71-/h
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-72
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-72-/d
-
cpe:2.3:a:hitachi:ucosminexus_application_server:06-72-/e
-
cpe:2.3:a:hitachi:ucosminexus_application_server:07-00
-
cpe:2.3:a:hitachi:ucosminexus_application_server:07-00-05
-
cpe:2.3:a:hitachi:ucosminexus_application_server:07-00-06
-
cpe:2.3:a:hitachi:ucosminexus_application_server:07-00-09
-
cpe:2.3:a:hitachi:ucosminexus_application_server:07-00-10
-
cpe:2.3:a:hitachi:ucosminexus_application_server:07-03-02
-
cpe:2.3:a:hitachi:ucosminexus_application_server:07-03-03
-
cpe:2.3:a:hitachi:ucosminexus_application_server:07-10
-
cpe:2.3:a:hitachi:ucosminexus_application_server:07-50-09
-
cpe:2.3:a:hitachi:ucosminexus_application_server:07-60
-
cpe:2.3:a:hitachi:ucosminexus_application_server:08-00
-
cpe:2.3:a:hitachi:ucosminexus_application_server:08-00-01
-
cpe:2.3:a:hitachi:ucosminexus_application_server:08-00-02
-
cpe:2.3:a:hitachi:ucosminexus_application_server:6.7
-
cpe:2.3:a:hitachi:ucosminexus_application_server:7
-
cpe:2.3:a:hitachi:ucosminexus_application_server:8
-
cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:*
-
cpe:2.3:a:hitachi:ucosminexus_developer:*
-
cpe:2.3:a:hitachi:ucosminexus_developer:06-70
-
cpe:2.3:a:hitachi:ucosminexus_developer:06-70-/f
-
cpe:2.3:a:hitachi:ucosminexus_developer:06-70-/g
-
cpe:2.3:a:hitachi:ucosminexus_developer:06-71
-
cpe:2.3:a:hitachi:ucosminexus_developer:06-71-/f
-
cpe:2.3:a:hitachi:ucosminexus_developer:06-71-/g
-
cpe:2.3:a:hitachi:ucosminexus_developer:07-00
-
cpe:2.3:a:hitachi:ucosminexus_developer:07-00-05
-
cpe:2.3:a:hitachi:ucosminexus_developer:07-00-06
-
cpe:2.3:a:hitachi:ucosminexus_developer:07-00-09
-
cpe:2.3:a:hitachi:ucosminexus_developer:07-00-10
-
cpe:2.3:a:hitachi:ucosminexus_developer:07-03-02
-
cpe:2.3:a:hitachi:ucosminexus_developer:07-03-03
-
cpe:2.3:a:hitachi:ucosminexus_developer:07-50-09
-
cpe:2.3:a:hitachi:ucosminexus_developer:07-60
-
cpe:2.3:a:hitachi:ucosminexus_developer:08-00
-
cpe:2.3:a:hitachi:ucosminexus_developer:08-00-01
-
cpe:2.3:a:hitachi:ucosminexus_developer:08-00-02
-
cpe:2.3:a:hitachi:ucosminexus_developer:6
-
cpe:2.3:a:hitachi:ucosminexus_developer:6.7
-
cpe:2.3:a:hitachi:ucosminexus_developer:7
-
cpe:2.3:a:hitachi:ucosminexus_developer:8
-
cpe:2.3:a:hitachi:ucosminexus_erp_integrator:*
-
cpe:2.3:a:hitachi:ucosminexus_opentp1_web_front-end_set:*
-
cpe:2.3:a:hitachi:ucosminexus_service_architect:07-00
-
cpe:2.3:a:hitachi:ucosminexus_service_architect:07-00-05
-
cpe:2.3:a:hitachi:ucosminexus_service_architect:07-00-06
-
cpe:2.3:a:hitachi:ucosminexus_service_architect:07-00-09
-
cpe:2.3:a:hitachi:ucosminexus_service_architect:07-00-10
-
cpe:2.3:a:hitachi:ucosminexus_service_architect:07-03-02
-
cpe:2.3:a:hitachi:ucosminexus_service_architect:07-03-03
-
cpe:2.3:a:hitachi:ucosminexus_service_architect:07-50-09
-
cpe:2.3:a:hitachi:ucosminexus_service_architect:07-60
-
cpe:2.3:a:hitachi:ucosminexus_service_architect:08-00
-
cpe:2.3:a:hitachi:ucosminexus_service_architect:08-00-01
-
cpe:2.3:a:hitachi:ucosminexus_service_architect:08-00-02
-
cpe:2.3:a:hitachi:ucosminexus_service_architect:6.7
-
cpe:2.3:a:hitachi:ucosminexus_service_architect:7
-
cpe:2.3:a:hitachi:ucosminexus_service_architect:8
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:07-00
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:07-00-05
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:07-00-06
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:07-00-09
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:07-00-10
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:07-03-02
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:07-03-03
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:07-10
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:07-50-09
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:07-60
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:08-00
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:08-00-01
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:08-00-02
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:6.7
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:7
-
cpe:2.3:a:hitachi:ucosminexus_service_platform:8