CVE-2007-4563

Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user's group permissions to logical J2EE server processes, which allows local users to gain privileges.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:hpux:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:linux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:solaris:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_b:*:linux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_c:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_c_1:*:hpux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_c_1:*:solaris:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_e_1:*:hpux:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_f:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_51:*:linux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_51_b_1:*:linux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_51_c:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50:*:hpux:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50:*:hpux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50:*:linux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_b:*:linux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_c:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_c_1:*:hpux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_c_1:*:solaris:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_e_1:*:hpux:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_50_f:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_51:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_51:*:linux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_51_b_1:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_application_server_standard:06_51_c:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:electronic_form_workflow_-_standard_set:07_00:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:electronic_form_workflow_-_standard_set:07_00_b:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:electronic_form_workflow_-professional_library_set:07_00:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:electronic_form_workflow_-professional_library_set:07_00_b:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70:*:solaris:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_a:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_a:*:solaris:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_b:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_b:*:hpux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_b:*:linux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_b:*:solaris:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_b_1:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_d:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_70_g:*:hpux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_71:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_71_b:*:hpux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_71_b:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_71_c:*:solaris:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_72_1:*:hpux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_72_b:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_72_b:*:linux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:06_72_g:*:hpux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07-00-01:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:hpux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00:*:solaris:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_00_12:*:hpux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:hpux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:hpux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10:*:linux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10_1:*:linux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10_06:*:linux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:07_10_08:*:hpux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70:*:solaris:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_a:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_a:*:solaris:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_b:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_b:*:hpux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_b:*:linux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_b:*:solaris:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_b_1:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_c:*:solaris:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_70_d:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_71:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_71_b:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_72_1:*:hpux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_72_b_1:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_72_c:*:solaris:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_72_d:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:06_72_g:*:hpux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:hpux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00:*:solaris:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_00_1:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:hpux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:hpux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:07_10:*:linux_ipf:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_service_platform:07_00:*:linux:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10:*:aix:*:*:*:*:*
cpe:2.3:a:hitachi:ucosminexus_service_platform:07_10:*:linux:*:*:*:*:*

History

21 Nov 2024, 00:35

Type Values Removed Values Added
References () http://osvdb.org/37854 - () http://osvdb.org/37854 -
References () http://secunia.com/advisories/26589 - Patch, Vendor Advisory () http://secunia.com/advisories/26589 - Patch, Vendor Advisory
References () http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html - Patch () http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html - Patch
References () http://www.securityfocus.com/bid/25434 - Patch () http://www.securityfocus.com/bid/25434 - Patch
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/36245 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/36245 -

Information

Published : 2007-08-28 01:17

Updated : 2024-11-21 00:35


NVD link : CVE-2007-4563

Mitre link : CVE-2007-4563

CVE.ORG link : CVE-2007-4563


JSON object : View

Products Affected

hitachi

  • cosminexus_application_server_standard
  • ucosminexus_application_server_enterprise
  • electronic_form_workflow_-professional_library_set
  • cosminexus_application_server_enterprise
  • ucosminexus_application_server_standard
  • ucosminexus_service_platform
  • electronic_form_workflow_-_standard_set
CWE
CWE-264

Permissions, Privileges, and Access Controls