CVE-2007-5810

Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature.

Published: Nov 5, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-5810
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
hitachi / web_server	02_02	02_02.x
hitachi / ucosminexus_application_server_standard	-	07_50_01.x
hitachi / ucosminexus_developer_standard	-	07_50_01.x
hitachi / web_server	01_02_d	01_02_d.x
hitachi / web_server	02_00	02_00.x
hitachi / cosminexus_application_server_enterprise	-	06_51_j.x
hitachi / web_server	02_04_b	02_04_b.x
hitachi / ucosminexus_developer_light	-	06_71_d.x
hitachi / cosminexus_developer_standard_version_6	-	06_51_j.x
hitachi / ucosminexus_service_platform	-	07_50_01.x
hitachi / web_server	03_00	03_00.x
hitachi / cosminexus_application_server_standard	-	06_51_j.x
hitachi / web_server	01_02_e	01_02_e.x
hitachi / cosminexus_server	-	04_01.x
hitachi / web_server	03_00_01	03_00_01.x
hitachi / ucosminexus_application_server_enterprise	-	07_50_01.x
hitachi / ucosminexus_developer_professional	-	07_50_01.x
hitachi / web_server	01_00	01_00.x
hitachi / web_server	01_01	01_01.x
hitachi / cosminexus_developer_professional_version_6	-	06_51_j.x
hitachi / web_server	02_06_a	02_06_a.x
hitachi / cosminexus_developer_light_version_6	-	06_51_j.x
hitachi / web_server	02_00_a	02_00_a.x
hitachi / web_server	01_01_d	01_01_d.x
hitachi / ucosminexus_service_architect	-	07_50_01.x

Vulnerability Database

289,697

CVE-2007-5810