Sign-up

ID

VAR-200708-0152


CVE

CVE-2007-4122


TITLE

Hitachi JP1/Cm2/HV Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2007-004207

DESCRIPTION

Unspecified vulnerability in Hitachi JP1/Cm2/Hierarchical Viewer (HV) 06-00 through 06-71-/B allows remote attackers to cause a denial of service (application stop and web interface outage) via certain "unexpected data.". Hitachi JP1 / Cm2 / Hierarchical is a middleware platform software.  There is a vulnerability in the implementation of Hitachi JP1 / Cm2 / Hierarchical Viewer. A remote attacker may use this vulnerability to cause a denial of service.  HV generates an error when processing malformed data, which makes the HV web interface unavailable. Attackers can exploit this issue to cause denial-of-service conditions. ---------------------------------------------------------------------- BETA test the new Secunia Personal Software Inspector! The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors. Please see the vendor's advisory for a list of affected versions. SOLUTION: Please see the vendor's advisory for fix information. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.hitachi-support.com/security_e/vuls_e/HS07-021_e/index-e.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.52

sources: NVD: CVE-2007-4122 // JVNDB: JVNDB-2007-004207 // CNVD: CNVD-2007-4795 // BID: 25144 // PACKETSTORM: 58205

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2007-4795

AFFECTED PRODUCTS

vendor:hitachimodel:jp1-cm2-hierarchical viewerscope:eqversion:06.71_b

Trust: 1.6

vendor:hitachimodel:jp1-cm2-hierarchical viewerscope:eqversion:06.00

Trust: 1.6

vendor:hitachimodel:jp1-cm2-hierarchical viewerscope:eqversion:06-00 to 06-71-/b

Trust: 0.8

vendor:nonemodel: - scope: - version: -

Trust: 0.6

vendor:hitachimodel:jp1/cm2/hierarchical viewer 06-71-/b (wiscope:eqversion:06-00-

Trust: 0.3

vendor:hitachimodel:jp1/cm2/hierarchical viewer 06-71-/b (soscope:eqversion:06-00-

Trust: 0.3

vendor:hitachimodel:jp1/cm2/hierarchical viewer 06-71-/b (hpscope:eqversion:06-00-

Trust: 0.3

vendor:hitachimodel:jp1/cm2/hierarchical viewerscope:neversion:07-00(*4)

Trust: 0.3

vendor:hitachimodel:jp1/cm2/hierarchical viewerscope:neversion:07-00(*3)

Trust: 0.3

vendor:hitachimodel:jp1/cm2/hierarchical viewerscope:neversion:07-00(*2)

Trust: 0.3

sources: CNVD: CNVD-2007-4795 // BID: 25144 // JVNDB: JVNDB-2007-004207 // CNNVD: CNNVD-200708-011 // NVD: CVE-2007-4122

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-4122
value: MEDIUM

Trust: 1.0

NVD: CVE-2007-4122
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200708-011
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2007-4122
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2007-004207 // CNNVD: CNNVD-200708-011 // NVD: CVE-2007-4122

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-4122

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200708-011

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200708-011

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-004207

PATCH
title:HS07-021url:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS07-021/index.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-004207

EXTERNAL IDS
db:NVDid:CVE-2007-4122
Trust: 3.3
db:HITACHIid:HS07-021
Trust: 2.0
db:BIDid:25144
Trust: 1.9
db:SECUNIAid:26242
Trust: 1.8
db:VUPENid:ADV-2007-2722
Trust: 1.6
db:OSVDBid:37853
Trust: 1.6
db:JVNDBid:JVNDB-2007-004207
Trust: 0.8
db:CNVDid:CNVD-2007-4795
Trust: 0.6
db:XFid:35703
Trust: 0.6
db:CNNVDid:CNNVD-200708-011
Trust: 0.6
db:PACKETSTORMid:58205
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2007-4795 // 
            
            
            
            BID: 25144 // 
            
            
            
            JVNDB: JVNDB-2007-004207 // 
            
            
            
            PACKETSTORM: 58205 // 
            
            
            
            CNNVD: CNNVD-200708-011 // 
            
            
            
            NVD: CVE-2007-4122

REFERENCES
url:http://www.hitachi-support.com/security_e/vuls_e/hs07-021_e/index-e.html
Trust: 2.0
url:http://secunia.com/advisories/26242
Trust: 1.6
url:http://osvdb.org/37853
Trust: 1.6
url:http://www.securityfocus.com/bid/25144
Trust: 1.6
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/35703
Trust: 1.0
url:http://www.vupen.com/english/advisories/2007/2722
Trust: 1.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4122
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-4122
Trust: 0.8
url:http://www.frsirt.com/english/advisories/2007/2722
Trust: 0.6
url:http://xforce.iss.net/xforce/xfdb/35703
Trust: 0.6
url:http://www.hitachi.co.jp/prod/comp/soft1/groupmax/product/suiteindex.html#coll
Trust: 0.3
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:https://psi.secunia.com/
Trust: 0.1
url:http://secunia.com/advisories/26242/
Trust: 0.1
url:http://secunia.com/product/15094/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            BID: 25144 // 
            
            
            
            JVNDB: JVNDB-2007-004207 // 
            
            
            
            PACKETSTORM: 58205 // 
            
            
            
            CNNVD: CNNVD-200708-011 // 
            
            
            
            NVD: CVE-2007-4122

CREDITS
The vendor disclosed this issue.
Trust: 0.3
sources:
            
            
            BID: 25144

SOURCES
db:CNVDid:CNVD-2007-4795
db:BIDid:25144
db:JVNDBid:JVNDB-2007-004207
db:PACKETSTORMid:58205
db:CNNVDid:CNNVD-200708-011
db:NVDid:CVE-2007-4122

LAST UPDATE DATE
2025-04-10T23:23:41.836000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2007-4795date:2007-07-31T00:00:00
db:BIDid:25144date:2015-05-07T17:36:00
db:JVNDBid:JVNDB-2007-004207date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200708-011date:2007-08-01T00:00:00
db:NVDid:CVE-2007-4122date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:CNVDid:CNVD-2007-4795date:2007-07-31T00:00:00
db:BIDid:25144date:2007-07-31T00:00:00
db:JVNDBid:JVNDB-2007-004207date:2012-09-25T00:00:00
db:PACKETSTORMid:58205date:2007-08-01T00:35:42
db:CNNVDid:CNNVD-200708-011date:2007-08-01T00:00:00
db:NVDid:CVE-2007-4122date:2007-08-01T16:17:00