Details of VAR-201003-0531

ID

VAR-201003-0531

TITLE

uCosminexus Portal Framework Cross-Site Scripting Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2010-001088

DESCRIPTION

uCosminexus Portal Framework has a cross-site scripting vulnerability.A remote attacker could make users of affected systems unknowingly execute malicious scripts.

Trust: 0.8

sources: JVNDB: JVNDB-2010-001088

AFFECTED PRODUCTS

vendor:	hitachi	model:	cosminexus collaboration portal	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus collaboration portal	scope:	eq	version:	- forum/file sharing	Trust: 0.8
vendor:	hitachi	model:	cosminexus portal framework	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	cosminexus portal framework	scope:	eq	version:	- light	Trust: 0.8
vendor:	hitachi	model:	electronic form workflow	scope:	eq	version:	developer set	Trust: 0.8
vendor:	hitachi	model:	electronic form workflow	scope:	eq	version:	set	Trust: 0.8
vendor:	hitachi	model:	groupmax collaboration portal	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	groupmax collaboration web client	scope:	eq	version:	- forum/file sharing	Trust: 0.8
vendor:	hitachi	model:	groupmax collaboration web client - mail/schedule	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	jp1/integrated management	scope:	eq	version:	- service support	Trust: 0.8
vendor:	hitachi	model:	ucosminexus collaboration portal	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus collaboration portal	scope:	eq	version:	- forum/file sharing	Trust: 0.8
vendor:	hitachi	model:	ucosminexus content manager	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus electronic form workflow	scope:	eq	version:	quickstart edition	Trust: 0.8
vendor:	hitachi	model:	ucosminexus electronic form workflow	scope:	eq	version:	quickstart edition with hirdb	Trust: 0.8
vendor:	hitachi	model:	ucosminexus navigation	scope:	eq	version:	developer	Trust: 0.8
vendor:	hitachi	model:	ucosminexus navigation	scope:	eq	version:	platform	Trust: 0.8
vendor:	hitachi	model:	ucosminexus navigation	scope:	eq	version:	platform - authoring license	Trust: 0.8
vendor:	hitachi	model:	ucosminexus navigation	scope:	eq	version:	platform - user license	Trust: 0.8
vendor:	hitachi	model:	ucosminexus portal framework	scope:	-	version:	-	Trust: 0.8
vendor:	hitachi	model:	ucosminexus portal framework	scope:	eq	version:	- light	Trust: 0.8

sources: JVNDB: JVNDB-2010-001088

CVSS

SEVERITY

CVSSV2

CVSSV3

IPA:	JVNDB-2010-001088
value:	MEDIUM
Trust: 0.8

IPA:	JVNDB-2010-001088
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8

sources: JVNDB: JVNDB-2010-001088

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 0.8

sources: JVNDB: JVNDB-2010-001088

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-001088

PATCH

title:

HS10-001

url:

http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs10-001/index.html

Trust: 0.8

sources: JVNDB: JVNDB-2010-001088

EXTERNAL IDS

db:

JVNDB

id:

JVNDB-2010-001088

Trust: 0.8

sources: JVNDB: JVNDB-2010-001088

SOURCES

db:

JVNDB

id:

JVNDB-2010-001088

LAST UPDATE DATE

2022-05-04T10:20:12.331000+00:00

SOURCES UPDATE DATE

db:

JVNDB

id:

JVNDB-2010-001088

date:

2010-03-03T00:00:00

SOURCES RELEASE DATE

db:

JVNDB

id:

JVNDB-2010-001088

date:

2010-03-03T00:00:00