[Japanese]

JVNDB-2019-002892

Multiple Vulnerabilities in Cosminexus

Overview

Cosminexus Developer's Kit for Java and Hitachi Developer's Kit for Java contain the following vulnerabilities:

CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698

CVSS Severity (What is CVSS?)

Affected Products


Hitachi, Ltd
  • uCosminexus Application Server
  • uCosminexus Application Server (64)
  • uCosminexus Client
  • uCosminexus Developer
  • uCosminexus Service Architect
  • uCosminexus Service Platform
  • uCosminexus Service Platform (64)

Please refer to Vendor Information for more details.
Impact

Regarding the impact of the vulnerability, please refer to the vendor advisory.
Solution

Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action.
Vendor Information

Hitachi, Ltd
CWE (What is CWE?)

  1. No Mapping(CWE-noinfo) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2019-2602
  2. CVE-2019-2684
  3. CVE-2019-2697
  4. CVE-2019-2698
References

  1. National Vulnerability Database (NVD) : CVE-2019-2602
  2. National Vulnerability Database (NVD) : CVE-2019-2684
  3. National Vulnerability Database (NVD) : CVE-2019-2697
  4. National Vulnerability Database (NVD) : CVE-2019-2698
Revision History

  • [2019/04/25]
      Web page was published