CVE-2007-0514
Published Jan 26, 2007
Last updated 14 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72EB5501-8682-47C6-A09B-64D628C319CB"
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server:6:*:enterprise:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "336AC0E8-01DB-4D75-8F9F-E1673BE7883A"
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_application_server_version_5:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F49A94B-6343-4A24-8E8D-461192CD643A"
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer_light_version_6:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2CB9CE4D-B179-488A-881B-EDDE858DF8C6"
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer_professional_version_6:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19698339-17FB-443A-A3A8-E6E364F6E892"
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer_standard_version_6:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ED7AB561-DC97-4ACB-8810-B8020F28B769"
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_developer_version_5:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5976B0CF-D923-4D74-A599-028E20D14AF5"
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_server_-_enterprise_edition:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6DBFEFD-4667-4487-B009-F5133260D6A5"
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_server_-_standard_edition:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B3B8F3B-156B-44B0-97EF-F2DF622D8398"
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_server_-_standard_edition_version_4:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CC5DA2A-6880-491A-A2FD-327CF952E977"
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_server_-_web_edition:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "394A48A2-C95B-4B1F-A571-77FFD1DA9F0D"
},
{
"criteria": "cpe:2.3:a:hitachi:cosminexus_server_-_web_edition_version_4:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BC015FD-6D1D-4A6C-A480-326614BEB5BA"
},
{
"criteria": "cpe:2.3:a:hitachi:hitachi_web_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3721DE3-39EC-4C4A-B575-9F5CF2D21BE2"
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:*:*:enterprise:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B00BB4D-1C8A-4CFE-9EA4-5CBE055276DE"
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_smart_edition:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "980D0920-2D78-4EAF-8C99-C9928708C825"
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_application_server_standard:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "88B1B8FF-8362-471C-85DB-01D675764DF8"
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_light:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7148FC73-6087-4F89-8832-7888D3502E85"
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_developer_standard:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C937879-7AC4-4B36-BC3A-3C9B620A17F4"
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_architect:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "354BD4CE-7B1A-4442-9F87-08CD70D9499E"
},
{
"criteria": "cpe:2.3:a:hitachi:ucosminexus_service_platform:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72E63548-3AB3-4B78-AA2D-5B2AC7E06DD7"
}
],
"operator": "OR"
}
]
}
]