Vulnerability Description
Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hitachi | Cosminexus Application Server Enterprise | <= 06_51_j |
| Hitachi | Cosminexus Application Server Standard | <= 06_51_j |
| Hitachi | Cosminexus Developer Light Version 6 | <= 06_51_j |
| Hitachi | Cosminexus Developer Professional Version 6 | <= 06_51_j |
| Hitachi | Cosminexus Developer Standard Version 6 | <= 06_51_j |
| Hitachi | Cosminexus Server | <= 04_01 |
| Hitachi | Ucosminexus Application Server Enterprise | <= 07_50_01 |
| Hitachi | Ucosminexus Application Server Standard | <= 07_50_01 |
| Hitachi | Ucosminexus Developer Light | <= 06_71_d |
| Hitachi | Ucosminexus Developer Professional | <= 07_50_01 |
| Hitachi | Ucosminexus Developer Standard | <= 07_50_01 |
| Hitachi | Ucosminexus Service Architect | <= 07_50_01 |
| Hitachi | Ucosminexus Service Platform | <= 07_50_01 |
| Hitachi | Web Server | 01_00 |
Related Weaknesses (CWE)
References
- http://osvdb.org/42026
- http://secunia.com/advisories/27421PatchVendor Advisory
- http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.htmlPatch
- http://www.securityfocus.com/bid/26271
- http://www.vupen.com/english/advisories/2007/3666
- http://osvdb.org/42026
- http://secunia.com/advisories/27421PatchVendor Advisory
- http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.htmlPatch
- http://www.securityfocus.com/bid/26271
- http://www.vupen.com/english/advisories/2007/3666
FAQ
What is CVE-2007-5810?
CVE-2007-5810 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a ...
How severe is CVE-2007-5810?
CVE-2007-5810 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5810?
Check the references section above for vendor advisories and patch information. Affected products include: Hitachi Cosminexus Application Server Enterprise, Hitachi Cosminexus Application Server Standard, Hitachi Cosminexus Developer Light Version 6, Hitachi Cosminexus Developer Professional Version 6, Hitachi Cosminexus Developer Standard Version 6.