Vulnerability Description
Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hitachi | Cosminexus Application Server Enterprise | <= 06_51_j |
| Hitachi | Cosminexus Application Server Standard | <= 06_51_j |
| Hitachi | Cosminexus Developer Light Version 6 | <= 06_51_j |
| Hitachi | Cosminexus Developer Professional Version 6 | <= 06_51_j |
| Hitachi | Cosminexus Developer Standard Version 6 | <= 06_51_j |
| Hitachi | Cosminexus Server | <= 04_01 |
| Hitachi | Ucosminexus Application Server Enterprise | <= 07_50_01 |
| Hitachi | Ucosminexus Application Server Standard | <= 07_50_01 |
| Hitachi | Ucosminexus Developer Light | <= 06_71_d |
| Hitachi | Ucosminexus Developer Professional | <= 07_50_01 |
| Hitachi | Ucosminexus Developer Standard | <= 07_50_01 |
| Hitachi | Ucosminexus Service Architect | <= 07_50_01 |
| Hitachi | Ucosminexus Service Platform | <= 07_50_01 |
| Hitachi | Web Server | 01_00 |
Related Weaknesses (CWE)
References
- http://osvdb.org/42027
- http://secunia.com/advisories/27421Vendor Advisory
- http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html
- http://www.securityfocus.com/bid/26271
- http://www.vupen.com/english/advisories/2007/3666
- http://osvdb.org/42027
- http://secunia.com/advisories/27421Vendor Advisory
- http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html
- http://www.securityfocus.com/bid/26271
- http://www.vupen.com/english/advisories/2007/3666
FAQ
What is CVE-2007-5809?
CVE-2007-5809 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecifi...
How severe is CVE-2007-5809?
CVE-2007-5809 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5809?
Check the references section above for vendor advisories and patch information. Affected products include: Hitachi Cosminexus Application Server Enterprise, Hitachi Cosminexus Application Server Standard, Hitachi Cosminexus Developer Light Version 6, Hitachi Cosminexus Developer Professional Version 6, Hitachi Cosminexus Developer Standard Version 6.