CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
5.1%
Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user’s group permissions to logical J2EE server processes, which allows local users to gain privileges.
Vendor | Product | Version | CPE |
---|---|---|---|
hitachi | cosminexus_application_server_enterprise | 06_50 | cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:aix:*:*:*:*:* |
hitachi | cosminexus_application_server_enterprise | 06_50 | cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:hpux:*:*:*:*:* |
hitachi | cosminexus_application_server_enterprise | 06_50 | cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:linux:*:*:*:*:* |
hitachi | cosminexus_application_server_enterprise | 06_50 | cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:linux_ipf:*:*:*:*:* |
hitachi | cosminexus_application_server_enterprise | 06_50 | cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50:*:solaris:*:*:*:*:* |
hitachi | cosminexus_application_server_enterprise | 06_50_b | cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_b:*:linux_ipf:*:*:*:*:* |
hitachi | cosminexus_application_server_enterprise | 06_50_c | cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_c:*:linux:*:*:*:*:* |
hitachi | cosminexus_application_server_enterprise | 06_50_c_1 | cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_c_1:*:hpux_ipf:*:*:*:*:* |
hitachi | cosminexus_application_server_enterprise | 06_50_c_1 | cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_c_1:*:solaris:*:*:*:*:* |
hitachi | cosminexus_application_server_enterprise | 06_50_e_1 | cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:06_50_e_1:*:hpux:*:*:*:*:* |