Privilege Escalation Vulnerability in Cosminexus Application Server by Hitachi
CVE-2007-4563

Currently unrated

Key Information:

Vendor: Hitachi
Status: Ucosminexus Application Server Standard; Ucosminexus Service Platform; Cosminexus Application Server Enterprise; Ucosminexus Application Server Enterprise
Vendor: CVE Published:; 28 August 2007

Summary

In Hitachi's Cosminexus Application Server version 06-50 and later, a vulnerability exists that allows local users to exploit improper group permissions assigned to J2EE server processes. This misconfiguration can lead to unauthorized privilege escalation, enabling users to gain access to restricted areas of the application environment. Organizations using this software should assess their systems to ensure they are protected against potential exploitation of this flaw.

References

http://osvdb.org/37854

vdb-entryx_refsource_OSVDB

http://www.hitachi-support.com/security_e/vuls_e/HS07-025...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/25434

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Aug 28, 2007
Vulnerability Reserved
Aug 27, 2007