VAR-200708-0152

Vulnerability from variot - Updated: 2025-04-10 23:23

Unspecified vulnerability in Hitachi JP1/Cm2/Hierarchical Viewer (HV) 06-00 through 06-71-/B allows remote attackers to cause a denial of service (application stop and web interface outage) via certain "unexpected data.". Hitachi JP1 / Cm2 / Hierarchical is a middleware platform software.

There is a vulnerability in the implementation of Hitachi JP1 / Cm2 / Hierarchical Viewer. A remote attacker may use this vulnerability to cause a denial of service.

HV generates an error when processing malformed data, which makes the HV web interface unavailable. Attackers can exploit this issue to cause denial-of-service conditions.


BETA test the new Secunia Personal Software Inspector!

The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors.

Please see the vendor's advisory for a list of affected versions.

SOLUTION: Please see the vendor's advisory for fix information.

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: http://www.hitachi-support.com/security_e/vuls_e/HS07-021_e/index-e.html


About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200708-0152",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "jp1-cm2-hierarchical viewer",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "hitachi",
        "version": "06.71_b"
      },
      {
        "model": "jp1-cm2-hierarchical viewer",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "hitachi",
        "version": "06.00"
      },
      {
        "model": "jp1-cm2-hierarchical viewer",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "06-00 to  06-71-/b"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.6,
        "vendor": "none",
        "version": null
      },
      {
        "model": "jp1/cm2/hierarchical viewer 06-71-/b (wi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "06-00-"
      },
      {
        "model": "jp1/cm2/hierarchical viewer 06-71-/b (so",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "06-00-"
      },
      {
        "model": "jp1/cm2/hierarchical viewer 06-71-/b (hp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "06-00-"
      },
      {
        "model": "jp1/cm2/hierarchical viewer",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "07-00(*4)"
      },
      {
        "model": "jp1/cm2/hierarchical viewer",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "07-00(*3)"
      },
      {
        "model": "jp1/cm2/hierarchical viewer",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "07-00(*2)"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2007-4795"
      },
      {
        "db": "BID",
        "id": "25144"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004207"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200708-011"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-4122"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:hitachi:jp1-cm2-hierarchical_viewer",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004207"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor disclosed this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "25144"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2007-4122",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2007-4122",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2007-4122",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2007-4122",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200708-011",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004207"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200708-011"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-4122"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unspecified vulnerability in Hitachi JP1/Cm2/Hierarchical Viewer (HV) 06-00 through 06-71-/B allows remote attackers to cause a denial of service (application stop and web interface outage) via certain \"unexpected data.\". Hitachi JP1 / Cm2 / Hierarchical is a middleware platform software. \n\n\u00a0There is a vulnerability in the implementation of Hitachi JP1 / Cm2 / Hierarchical Viewer. A remote attacker may use this vulnerability to cause a denial of service. \n\n\u00a0HV generates an error when processing malformed data, which makes the HV web interface unavailable. \nAttackers can exploit this issue to cause denial-of-service conditions. \n\n----------------------------------------------------------------------\n\nBETA test the new Secunia Personal Software Inspector!\n\nThe Secunia PSI detects installed software on your computer and\ncategorises it as either Insecure, End-of-Life, or Up-To-Date. \nEffectively enabling you to focus your attention on software\ninstallations where more secure versions are available from the\nvendors. \n\nPlease see the vendor\u0027s advisory for a list of affected versions. \n\nSOLUTION:\nPlease see the vendor\u0027s advisory for fix information. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.hitachi-support.com/security_e/vuls_e/HS07-021_e/index-e.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-4122"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004207"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2007-4795"
      },
      {
        "db": "BID",
        "id": "25144"
      },
      {
        "db": "PACKETSTORM",
        "id": "58205"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2007-4122",
        "trust": 3.3
      },
      {
        "db": "HITACHI",
        "id": "HS07-021",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "25144",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "26242",
        "trust": 1.8
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-2722",
        "trust": 1.6
      },
      {
        "db": "OSVDB",
        "id": "37853",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004207",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2007-4795",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "35703",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200708-011",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "58205",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2007-4795"
      },
      {
        "db": "BID",
        "id": "25144"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004207"
      },
      {
        "db": "PACKETSTORM",
        "id": "58205"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200708-011"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-4122"
      }
    ]
  },
  "id": "VAR-200708-0152",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2007-4795"
      }
    ],
    "trust": 0.06
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2007-4795"
      }
    ]
  },
  "last_update_date": "2025-04-10T23:23:41.836000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HS07-021",
        "trust": 0.8,
        "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS07-021/index.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004207"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-4122"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://www.hitachi-support.com/security_e/vuls_e/hs07-021_e/index-e.html"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/26242"
      },
      {
        "trust": 1.6,
        "url": "http://osvdb.org/37853"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/25144"
      },
      {
        "trust": 1.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35703"
      },
      {
        "trust": 1.0,
        "url": "http://www.vupen.com/english/advisories/2007/2722"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4122"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-4122"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2007/2722"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/35703"
      },
      {
        "trust": 0.3,
        "url": "http://www.hitachi.co.jp/prod/comp/soft1/groupmax/product/suiteindex.html#coll"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/26242/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/15094/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "25144"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004207"
      },
      {
        "db": "PACKETSTORM",
        "id": "58205"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200708-011"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-4122"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2007-4795"
      },
      {
        "db": "BID",
        "id": "25144"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004207"
      },
      {
        "db": "PACKETSTORM",
        "id": "58205"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200708-011"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-4122"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-07-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2007-4795"
      },
      {
        "date": "2007-07-31T00:00:00",
        "db": "BID",
        "id": "25144"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-004207"
      },
      {
        "date": "2007-08-01T00:35:42",
        "db": "PACKETSTORM",
        "id": "58205"
      },
      {
        "date": "2007-08-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200708-011"
      },
      {
        "date": "2007-08-01T16:17:00",
        "db": "NVD",
        "id": "CVE-2007-4122"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-07-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2007-4795"
      },
      {
        "date": "2015-05-07T17:36:00",
        "db": "BID",
        "id": "25144"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-004207"
      },
      {
        "date": "2007-08-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200708-011"
      },
      {
        "date": "2025-04-09T00:30:58.490000",
        "db": "NVD",
        "id": "CVE-2007-4122"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200708-011"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Hitachi JP1/Cm2/HV Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004207"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "unknown",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200708-011"
      }
    ],
    "trust": 0.6
  }
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…