[Japanese]

JVNDB-2010-001878

Denial of Service (DoS) Vulnerability in JP1/Integrated Manager and JP1/Integrated Management

Overview

A Built-in database in JP1/Integrated Manager and JP1/Integrated Management (JP1/IM) contains a vulnerability that could cause a denial of service (DoS) condition due to the abnormal ending of the database process when receiving unexpected data.
After the process abends, the service can be restarted by rebooting JP1/IM.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 5.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Partial
Affected Products


Hitachi, Ltd
  • JP1/Integrated Management - Incident Master
  • JP1/Integrated Management - Central Information Master
  • JP1/Integrated Management - Manager
  • JP1/Integrated Manager - Incident Master
  • JP1/Integrated Manager - Central Information Master

Impact

A remote attacker could cause a denial of service (DoS) condition.
Solution

Please refer to the 'Vendor Information' and 'References' section for the countermeasures and take appropriate action.
Vendor Information

Hitachi, Ltd
  • Hitachi Software Vulnerability Information : HS10-021
CWE (What is CWE?)

  1. No Mapping(CWE-noinfo) [IPA Evaluation]
CVE (What is CVE?)

References

Revision History

  • [2010/09/01]
      Web page published

Date Public2010/07/30
Date First Published2010/09/01
Date Last Updated2010/09/01