CVE-2007-4204 - OpenCVE

Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:S/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hitachi	Groupmax Collaboration Portal Groupmax Collaboration Web Client Ucosminexus Collaboration Portal

Configuration 1 [-]

OR	cpe:2.3:a:hitachi:groupmax_collaboration_portal:07-32:::::::*
	cpe:2.3:a:hitachi:groupmax_collaboration_portal:07-32_b:::::::*
	cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07-32:::::::*
	cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07-32_a:::::::*
	cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:06-32:::::::*
	cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:06-32_b:::::::*

No data.

References

Link	Providers
http://osvdb.org/46987
http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html
http://www.vupen.com/english/advisories/2007/2723
https://exchange.xforce.ibmcloud.com/vulnerabilities/35704

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-08-08T01:11:00

Updated: 2024-08-07T14:46:39.395Z

Reserved: 2007-08-07T00:00:00

Link: CVE-2007-4204

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-08-08T01:17:00.000

Modified: 2017-07-29T01:32:46.660

Link: CVE-2007-4204

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-07-31T00:00:00", "descriptions": [{"lang": "en", "value": "Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2007-2723", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2723"}, {"name": "46987", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/46987"}, {"name": "hitachi-groupmax-schedule-info-disclosure(35704)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35704"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-4204", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2007-2723", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2723"}, {"name": "46987", "refsource": "OSVDB", "url": "http://osvdb.org/46987"}, {"name": "hitachi-groupmax-schedule-info-disclosure(35704)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35704"}, {"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html", "refsource": "CONFIRM", "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T14:46:39.395Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2007-2723", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2723"}, {"name": "46987", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/46987"}, {"name": "hitachi-groupmax-schedule-info-disclosure(35704)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35704"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4204", "datePublished": "2007-08-08T01:11:00", "dateReserved": "2007-08-07T00:00:00", "dateUpdated": "2024-08-07T14:46:39.395Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07-32:*:*:*:*:*:*:*", "matchCriteriaId": "D2D3053F-0657-4F30-8851-7F46B430BA69", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_portal:07-32_b:*:*:*:*:*:*:*", "matchCriteriaId": "2E2D5034-F336-48AD-A892-31A650A7F54A", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07-32:*:*:*:*:*:*:*", "matchCriteriaId": "67191ED5-9A70-4DD5-B561-D99037D44DEA", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07-32_a:*:*:*:*:*:*:*", "matchCriteriaId": "8202A38A-1346-4E14-B0BE-A41E46CDB451", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:06-32:*:*:*:*:*:*:*", "matchCriteriaId": "2963D385-1A2B-4ED5-A4C8-7C188B5972F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachi:ucosminexus_collaboration_portal:06-32_b:*:*:*:*:*:*:*", "matchCriteriaId": "934777D6-1B32-46B9-A540-61690A897EBF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information."}, {"lang": "es", "value": "Hitachi Groupmax Collaboration - Schedule, usado en Groupmax Collaboration Portal 07-32 hasta 07-32-/B, uCosminexus Collaboration Portal 06-32 hasta 06-32-/B, y Groupmax Collaboration Web Client - Mail/Schedule 07-32 hasta 07-32-/A, puede asignar datos de programaci\u00f3n (schedule) al usuario incorrecto bajo condiciones no especificadas, lo cual podr\u00eda permitir a usuarios autenticados remotamente obtener informaci\u00f3n sensible."}], "id": "CVE-2007-4204", "lastModified": "2017-07-29T01:32:46.660", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-08-08T01:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/46987"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/2723"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35704"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}