Privilege Escalation in Cosminexus Application Server by Hitachi
CVE-2007-4564

Currently unrated

Key Information:

Vendor: Hitachi
Status: Ucosminexus Application Server Standard; Ucosminexus Service Platform; Cosminexus Application Server Enterprise; Ucosminexus Application Server Enterprise
Vendor: CVE Published:; 28 August 2007

Summary

The Cosminexus Manager in the Cosminexus Application Server can incorrectly assign user group permissions to logical user server processes. This misconfiguration allows local users to gain unauthorized privileges, potentially leading to further exploitation of the system. Keeping your server updated and regularly auditing user permissions are essential to mitigate this vulnerability.

References

http://www.hitachi-support.com/security_e/vuls_e/HS07-025...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/25434

vdb-entryx_refsource_BID

http://osvdb.org/37855

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Aug 28, 2007
Vulnerability Reserved
Aug 27, 2007