[Japanese]

JVNDB-2010-002529

Access Control Security Bypass Vulnerability in Interstage Application Server

Overview

Interstage Application Server has an access control security bypass vulnerability which could allow an attacker to access and execute a request from the IP address that should be denied.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 6.8 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
Affected Products


FUJITSU
  • Interstage Application Framework Suite
  • Interstage Application Server
  • Interstage Apworks
  • Interstage Business Application Server
  • Interstage Job Workload Server
  • Interstage Web Server

Impact

A remote attacker could access and execute a request from the IP address that should be denied.
Solution

Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action.
Vendor Information

FUJITSU
CWE (What is CWE?)

  1. No Mapping(CWE-noinfo) [IPA Evaluation]
CVE (What is CVE?)

References

Revision History

  • [2010/12/24]
      Web page published

Date Public2010/11/19
Date First Published2010/12/24
Date Last Updated2010/12/24