[Japanese]

JVNDB-2010-001879

Denial of Service (DoS) Vulnerability in JP1/NETM

Overview

A Built-in database in JP1/NETM contains a vulnerability that could cause a denial of service (DoS) condition due to the abnormal ending of the database process when receiving unexpected data.
After the process abends, the service can be restarted by rebooting JP1/IM.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 5.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Partial
Affected Products


Hitachi, Ltd
  • Job Management Partner 1/Asset Information Manager
  • Job Management Partner 1/Asset Information Manager Embedded RDB Edition
  • Job Management Partner 1/Software Distribution Manager
  • Job Management Partner 1/Software Distribution Manager Embedded RDB Edition
  • JP1/Asset Information Manager
  • JP1/Asset Information Manager Embedded RDB Edition
  • JP1/NETM/Asset Information Manager
  • JP1/NETM/Asset Information Manager Embedded RDB Edition
  • JP1/NETM/Asset Information Manager for Blade PC
  • JP1/NETM/Audit - Manager
  • JP1/NETM/DM Manager
  • JP1/NETM/DM Manager Embedded RDB Edition
  • JP1/Software Distribution Manager
  • JP1/Software Distribution Manager Embedded RDB Edition

Impact

A remote attacker could cause a denial of service (DoS) condition.
Solution

Please refer to the 'Vendor Information' and 'References' section for the countermeasures and take appropriate action.
Vendor Information

Hitachi, Ltd
  • Hitachi Software Vulnerability Information : HS10-022
CWE (What is CWE?)

  1. No Mapping(CWE-noinfo) [IPA Evaluation]
CVE (What is CVE?)

References

Revision History

  • [2010/09/01]
      Web page published
    [2010/12/17]
      Affected Products : Added Hitachi (HS10-022).