[Japanese] | |
JVNDB-2013-001321 | |
User Authentication Vulnerability in Operational Management Function of Cosminexus | |
Overview | |
The operational management function of Cosminexus does not properly require authentication for manipulation of an operational management portal, which allows remote attackers to delete and replace applications which other users attached. | |
CVSS Severity (What is CVSS?) | |
CVSS V2 Severity:
Base Metrics 6.8 (Medium) [Vendor Score]
| |
Affected Products | |
| |
Hitachi, Ltd | |
Please refer to HS13-002 provided by Hitachi for more details. | |
Impact | |
A remote attacker could delete and replace applications which other users attached. | |
Solution | |
Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action. | |
Vendor Information | |
Hitachi, Ltd | |
CWE (What is CWE?) | |
| |
CVE (What is CVE?) | |
| |
References | |
| |
Revision History | |
|
Date Public | 2013/01/28 |
Date First Published | 2013/02/12 |
Date Last Updated | 2013/02/12 |