[Japanese]

JVNDB-2010-001874

Denial of Service (DoS) Vulnerability in Cosminexus

Overview

Cosminexus series products contain a vulnerability that could cause a denial of service (DoS) condition when receiving unexpected data.
After it abends, the service can be restarted by rebooting the system.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 7.8 (High) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Complete
Affected Products


Hitachi, Ltd
  • Cosminexus Developer Professional Version 6
  • Cosminexus Developer Standard Version 6
  • DocumentBroker Version 3 Smart Document Management
  • uCosminexus Developer Professional
  • uCosminexus Developer Standard
  • uCosminexus Navigation Platform
  • uCosminexus Navigation Platform - User License
  • uCosminexus Navigation Platform - Authoring License
  • uCosminexus Navigation Developer
  • uCosminexus Reporting Base
  • uCosminexus Service Architect
  • uCosminexus SI Navigation System
  • Electronic Form Workflow - Developer Client Set
  • Electronic Form Workflow - Developer Set

Impact

A remote attacker could cause a denial of service (DoS) condition.
Solution

Please refer to the 'Vendor Information' and 'References' section for the countermeasures and take appropriate action.
Vendor Information

Hitachi, Ltd
  • Hitachi Software Vulnerability Information : HS10-017
CWE (What is CWE?)

  1. No Mapping(CWE-noinfo) [IPA Evaluation]
CVE (What is CVE?)

References

Revision History

  • [2010/09/01]
      Web page published