Lucene search

[email protected]CVE-2008-2674

HistoryJun 12, 2008 - 12:21 p.m.

CVE-2008-2674

2008-06-1212:21:00

[email protected]

web.nvd.nist.gov

cve-2008-2674

fujitsu

interstage management console

vulnerability

remote attackers

file access

nvd

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.5%

JSON

Unspecified vulnerability in the Interstage Management Console, as used in Fujitsu Interstage Application Server 6.0 through 9.0.0A, Apworks Modelers-J 6.0 through 7.0, and Studio 8.0.1 and 9.0.0, allows remote attackers to read or delete arbitrary files via unspecified vectors.

Affected configurations

NVD

Node

redhatenterprise_linuxMatchas_3

redhatenterprise_linuxMatches_3

AND

fujitsuinterstage_application_server_enterpriseMatchv6.0

fujitsuinterstage_application_server_enterpriseMatchv7.0.0

fujitsuinterstage_application_server_plusMatchv7.0.0

Node

redhatenterprise_linuxMatchas_3

redhatenterprise_linuxMatchas_4

redhatenterprise_linuxMatches_3

AND

fujitsuinterstage_application_server_enterpriseMatchv7.0.1

fujitsuinterstage_application_server_plusMatchv7.0.1

Node

redhatenterprise_linuxMatchas_4

AND

fujitsuinterstage_application_server_enterpriseMatch8.0.0

fujitsuinterstage_application_server_enterpriseMatch8.0.2

fujitsuinterstage_application_server_standard_jMatch8.0.0

fujitsuinterstage_application_server_standard_jMatch8.0.2

Node

redhatenterprise_linuxMatch5.0

redhatenterprise_linuxMatchas_4

AND

fujitsuinterstage_application_server_enterpriseMatchv9.0.0

fujitsuinterstage_application_server_standard_jMatchv9.0.0

Node

redhatenterprise_linuxMatchas_4

AND

fujitsuinterstage_application_server_enterpriseMatch8.0.0

fujitsuinterstage_application_server_enterpriseMatch8.0.1

fujitsuinterstage_application_server_enterpriseMatch8.0.2

fujitsuinterstage_application_server_enterpriseMatchv7.0

Node

redhatenterprise_linuxMatch5.0

redhatenterprise_linuxMatchas_4

AND

fujitsuinterstage_application_server_enterpriseMatchv9.0.0

Node

sunsolaris

AND

fujitsuinterstage_application_server_enterpriseMatch6.0

fujitsuinterstage_application_server_enterpriseMatch7.0

fujitsuinterstage_application_server_enterpriseMatch7.0.1

fujitsuinterstage_application_server_enterpriseMatch8.0.0

fujitsuinterstage_application_server_enterpriseMatch8.0.2

fujitsuinterstage_application_server_enterpriseMatch9.0.0

fujitsuinterstage_application_server_plusMatch7.0

fujitsuinterstage_application_server_plusMatch7.0.1

fujitsuinterstage_application_server_standard_jMatch8.0.0

fujitsuinterstage_application_server_standard_jMatch8.0.2

fujitsuinterstage_application_server_standard_jMatch9.0.0

Node

microsoftwindows_nt

AND

fujitsuinterstage_application_server_enterpriseMatch8.0.0

fujitsuinterstage_application_server_enterpriseMatch8.0.1

fujitsuinterstage_application_server_enterpriseMatch8.0.2

fujitsuinterstage_application_server_enterpriseMatchv6.0

fujitsuinterstage_application_server_enterpriseMatchv7.0

fujitsuinterstage_application_server_enterpriseMatchv9.0.0

fujitsuinterstage_application_server_enterpriseMatchv9.0.0a

fujitsuinterstage_application_server_plusMatchv6.0

fujitsuinterstage_application_server_plusMatchv7.0

fujitsuinterstage_application_server_plusMatchv7.0.1

fujitsuinterstage_application_server_plus_developerMatchv6.0

fujitsuinterstage_application_server_plus_developerMatchv7.0

fujitsuinterstage_application_server_standard_jMatch8.0.0

fujitsuinterstage_application_server_standard_jMatch8.0.2

fujitsuinterstage_application_server_standard_jMatchv9.0.0

fujitsuinterstage_application_server_standard_jMatchv9.0.0a

Node

microsoftwindows_nt

AND

fujitsuinterstage_apworks_modelers_jMatchv6.0

fujitsuinterstage_apworks_modelers_jMatchv6.0a

fujitsuinterstage_apworks_modelers_jMatchv7.0

fujitsuinterstage_studio_enterpriseMatch8.0.1

fujitsuinterstage_studio_enterpriseMatchv9.0.0

fujitsuinterstage_studio_standard_jMatch8.0.1

fujitsuinterstage_studio_standard_jMatchv9.0.0

Node

redhatenterprise_linuxMatchas_4

AND

fujitsuinterstage_business_application_server_enterpriseMatchv8.0.0

CPENameOperatorVersion
fujitsu:interstage_application_server_enterprisefujitsu interstage application server enterpriseeqv6.0
fujitsu:interstage_application_server_enterprisefujitsu interstage application server enterpriseeqv7.0.0
fujitsu:interstage_application_server_plusfujitsu interstage application server pluseqv7.0.0

CPE	Name	Operator	Version
fujitsu:interstage_application_server_enterprise	fujitsu interstage application server enterprise	eq	v6.0
fujitsu:interstage_application_server_enterprise	fujitsu interstage application server enterprise	eq	v7.0.0
fujitsu:interstage_application_server_plus	fujitsu interstage application server plus	eq	v7.0.0

References

secunia.com/advisories/30589

www.fujitsu.com/global/support/software/security/products-f/interstage-200805e.html

www.securityfocus.com/bid/29624

www.securitytracker.com/id?1020235

www.vupen.com/english/advisories/2008/1771/references

exchange.xforce.ibmcloud.com/vulnerabilities/42949

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.5%

JSON

Related for CVE-2008-2674

nvd1 cvelist1 prion1