Sign-up

ID

VAR-201406-0507


TITLE

Xml eXternal Entity Vulnerability in XML link function of Hitachi COBOL2002

Trust: 0.8

sources: JVNDB: JVNDB-2014-002802

DESCRIPTION

XML link function of Hitachi COBOL2002 contains vulnerabilities to conduct information leakage or cause a denial of service (DoS) condition.A remote attacker could conduct information leakage or cause a denial of service (DoS) condition via untrusted XML document loading unexpected external entities.

Trust: 0.8

sources: JVNDB: JVNDB-2014-002802

AFFECTED PRODUCTS

vendor:hitachimodel:cobol2002 developer professionalscope: - version: -

Trust: 0.8

vendor:hitachimodel:cobol2002 net client runtimescope: - version: -

Trust: 0.8

vendor:hitachimodel:cobol2002 net client suitescope: - version: -

Trust: 0.8

vendor:hitachimodel:cobol2002 net developerscope: - version: -

Trust: 0.8

vendor:hitachimodel:cobol2002 net developerscope:eqversion:(64)

Trust: 0.8

vendor:hitachimodel:cobol2002 net server runtimescope: - version: -

Trust: 0.8

vendor:hitachimodel:cobol2002 net server runtimescope:eqversion:(64)

Trust: 0.8

vendor:hitachimodel:cobol2002 net server suitescope: - version: -

Trust: 0.8

vendor:hitachimodel:cobol2002 net server suitescope:eqversion:(64)

Trust: 0.8

vendor:hitachimodel:cobol2002 professional option for developerscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2014-002802

CVSS

SEVERITY

CVSSV2

CVSSV3

VENDOR: JVNDB-2014-002802
value: MEDIUM

Trust: 0.8

VENDOR: JVNDB-2014-002802
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:H/AU:N/C:P/I:N/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

sources: JVNDB: JVNDB-2014-002802

PROBLEMTYPE DATA

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2014-002802

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-002802

PATCH
title:HS14-014url:http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs14-014/index.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2014-002802

EXTERNAL IDS
db:JVNDBid:JVNDB-2014-002802
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2014-002802

SOURCES
db:JVNDBid:JVNDB-2014-002802

LAST UPDATE DATE
2022-05-04T09:18:15.251000+00:00

SOURCES UPDATE DATE
db:JVNDBid:JVNDB-2014-002802date:2015-03-03T00:00:00

SOURCES RELEASE DATE
db:JVNDBid:JVNDB-2014-002802date:2014-06-12T00:00:00