[Japanese]

JVNDB-2026-003911

Vulnerability in Cosminexus HTTP Server

Overview

Vulnerability has been found in Cosminexus HTTP Server.

CVE-2025-23048

This vulnerability does not apply if SSL is disabled.
CVSS Severity (What is CVSS?)

Affected Products


Hitachi, Ltd
  • Cosminexus HTTP Server Linux(x64) 11-50-01 - 11-50-10
  • Cosminexus HTTP Server Linux(x64) 11-20-01 - 11-20-33
  • Cosminexus HTTP Server Linux(x64) 11-10-01 - 11-10-11
  • Cosminexus HTTP Server Windows(x64) 11-50 - 11-50-10
  • Cosminexus HTTP Server Windows(x64) 11-20 - 11-20-35
  • Cosminexus HTTP Server Windows(x64) 11-10 - 11-10-13
  • uCosminexus Application Server Linux(x64) 11-10 - 11-60
  • uCosminexus Application Server Windows(x64) 11-10 - 11-60-01
  • uCosminexus Application Server-R Linux(x64) 11-10 - 11-60
  • uCosminexus Application Server-R Windows(x64) 11-10 - 11-60-01
  • uCosminexus Developer Linux(x64) 11-10 - 11-60
  • uCosminexus Developer Windows(x64) 11-10 - 11-60-01
  • uCosminexus Primary Server Base Linux(x64) 11-10 - 11-60
  • uCosminexus Primary Server Base Windows(x64) 11-10 - 11-60-01
  • uCosminexus Service Architect Linux(x64) 11-10 - 11-60
  • uCosminexus Service Architect Windows(x64) 11-10 - 11-60-01
  • uCosminexus Service Platform Linux(x64) 11-10 - 11-60
  • uCosminexus Service Platform Windows(x64) 11-10 - 11-60-01

Please refer to Vendor Information for more details.
Impact

Regarding the impact of the vulnerability, please refer to the vendor advisory.
Solution

Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action.
Vendor Information

Hitachi, Ltd
CWE (What is CWE?)

CVE (What is CVE?)

  1. CVE-2025-23048
References

Revision History

  • [2026/02/17]
      Web page was published

Date Public2026/02/13
Date First Published2026/02/17
Date Last Updated2026/02/17