Back to search
CVE-2007-4124
Published: Aug 1, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user's session data, and possibly gain privileges.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
25145
vdb-entry
x_refsource_BID
ADV-2007-2725
vdb-entry
x_refsource_VUPEN
hitachi-container-session-hijacking(35706)
vdb-entry
x_refsource_XF
37852
vdb-entry
x_refsource_OSVDB
26250
third-party-advisory
x_refsource_SECUNIA
http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now