Description
Cosminexus Manager in Cosminexus Application Server 07-00 and later might assign the wrong user's group permissions to logical user server processes, which allows local users to gain privileges.
References (5)
Core 5
Core References
Various Sources x_refsource_confirm
http://www.hitachi-support.com/security_e/vuls_e/HS07-025_e/index-e.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25434
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/37855
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26589
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36245
Scores
EPSS
0.0006
EPSS Percentile
18.0%
Details
CWE
CWE-264
Status
published
Products (33)
hitachi/cosminexus_application_server_enterprise
06_50 (5 CPE variants)
hitachi/cosminexus_application_server_enterprise
06_50_b
hitachi/cosminexus_application_server_enterprise
06_50_c
hitachi/cosminexus_application_server_enterprise
06_50_c_1 (2 CPE variants)
hitachi/cosminexus_application_server_enterprise
06_50_e_1
hitachi/cosminexus_application_server_enterprise
06_50_f
hitachi/cosminexus_application_server_enterprise
06_51
hitachi/cosminexus_application_server_enterprise
06_51_b_1
hitachi/cosminexus_application_server_enterprise
06_51_c
hitachi/cosminexus_application_server_standard
06_50 (5 CPE variants)
... and 23 more
Published
Aug 28, 2007
Tracked Since
Feb 18, 2026