Description
The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user's session data, and possibly gain privileges.
Published: 2007-08-01
Score: 4.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2007-4108 The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user's session data, and possibly gain privileges.
History

No history.

Subscriptions

Hitachi Cosminexus Application Server Cosminexus Collaboration Portal Cosminexus Developer Cosminexus Erp Integrator Cosminexus Opentp1 Web Front-end Set Electronic Form Workflow Groupmax Collaboration Portal Ucosminexus Application Server Ucosminexus Collaboration Portal Ucosminexus Developer Ucosminexus Erp Integrator Ucosminexus Opentp1 Web Front-end Set Ucosminexus Service Architect Ucosminexus Service Platform
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-07T14:46:38.979Z

Reserved: 2007-08-01T00:00:00.000Z

Link: CVE-2007-4124

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2007-08-01T16:17:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-4124

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses