This CPE summary could be partial or incomplete. Please contact us for a detailed listing.


Vendor Hitachi First view 2007-11-05
Product Web Server Last view 2007-11-05
Version 02_00 Type Application
Update *  
Edition windows  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
CPE Product cpe:2.3:a:hitachi:web_server

Activity : Overall

Related : CVE

  Date Alert Description
5 2007-11-05 CVE-2007-5810

Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature.

4.3 2007-11-05 CVE-2007-5809

Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page.

CWE : Common Weakness Enumeration

50% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
50% (1) CWE-20 Improper Input Validation

Open Source Vulnerability Database (OSVDB)

id Description
42027 Hitachi Web Server Server-status Page Creation Unspecified XSS
42026 Hitachi Web Server SSL Client Certification Validation Weakness