Multiple Vulnerabilities in Cosminexus


Cosminexus Developer's Kit for Java and Hitachi Developer's Kit for Java contain the following vulnerabilities:

CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698

CVSS Severity (What is CVSS?)

Affected Products

Hitachi, Ltd
  • uCosminexus Application Server
  • uCosminexus Application Server (64)
  • uCosminexus Client
  • uCosminexus Developer
  • uCosminexus Service Architect
  • uCosminexus Service Platform
  • uCosminexus Service Platform (64)

Please refer to Vendor Information for more details.

Regarding the impact of the vulnerability, please refer to the vendor advisory.

Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action.
Vendor Information

Hitachi, Ltd
CWE (What is CWE?)

  1. No Mapping(CWE-noinfo) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2019-2602
  2. CVE-2019-2684
  3. CVE-2019-2697
  4. CVE-2019-2698

  1. National Vulnerability Database (NVD) : CVE-2019-2602
  2. National Vulnerability Database (NVD) : CVE-2019-2684
  3. National Vulnerability Database (NVD) : CVE-2019-2697
  4. National Vulnerability Database (NVD) : CVE-2019-2698
Revision History

  • [2019/04/25]
      Web page was published