Sign-up

ID

VAR-201209-0276


CVE

CVE-2012-5001


TITLE

Unknown remote code execution vulnerability in Hitachi JP1 / Cm2 / Network Node Manager i

Trust: 0.6

sources: CNVD: CNVD-2012-0932

DESCRIPTION

Multiple unspecified vulnerabilities in Hitachi JP1/Cm2/Network Node Manager i before 09-50-03 allow remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors. Hitachi JP1 / Cm2 / Hierarchical is a middleware platform software. A remote attacker can leverage this issue to execute arbitrary code within the context of the application. Successful exploits will compromise the application and possibly the underlying computer. ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: Hitachi JP1/Cm2/Network Node Manager Multiple Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA48201 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48201/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48201 RELEASE DATE: 2012-02-29 DISCUSS ADVISORY: http://secunia.com/advisories/48201/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/48201/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=48201 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Hitachi JP1/Cm2/Network Node Manager, where some have an unknown impact and others can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerabilities are caused due to unspecified errors. No further information is currently available. Please see the vendor's advisory for a list of affected versions. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Hitachi (English): http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/./vuls/HS12-009/index.html Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS12-009/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.89

sources: NVD: CVE-2012-5001 // CNVD: CNVD-2012-0932 // BID: 52205 // VULMON: CVE-2012-5001 // PACKETSTORM: 110299

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2012-0932

AFFECTED PRODUCTS

vendor:hitachimodel:jp1\/cm2\/network node managerscope:eqversion:09-10

Trust: 1.6

vendor:hitachimodel:jp1\/cm2\/network node managerscope:eqversion:09-10-03

Trust: 1.6

vendor:hitachimodel:jp1\/cm2\/network node managerscope:eqversion:09-00

Trust: 1.6

vendor:hitachimodel:jp1\/cm2\/network node managerscope:eqversion:09-00-05

Trust: 1.6

vendor:hitachimodel:jp1\/cm2\/network node managerscope:eqversion:09-50

Trust: 1.6

vendor:hitachimodel:jp1\/cm2\/network node managerscope:lteversion:09-50-02

Trust: 1.0

vendor:hitachimodel:jp1/cm2/network node manager i advancedscope:eqversion:0

Trust: 0.9

vendor:hitachimodel:jp1/cm2/network node manager i advancedscope:eqversion:09-50-02

Trust: 0.9

vendor:hitachimodel:jp1/cm2/network node manager iscope:eqversion:09-50-02

Trust: 0.9

vendor:hitachimodel:jp1\/cm2\/network node managerscope:eqversion:09-50-02

Trust: 0.6

vendor:hitachimodel:jp1/cm2/network node manager iscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:jp1/cm2/network node manager i advancedscope:neversion:09-50-03

Trust: 0.3

vendor:hitachimodel:jp1/cm2/network node manager iscope:neversion:09-50-03

Trust: 0.3

sources: CNVD: CNVD-2012-0932 // BID: 52205 // CNNVD: CNNVD-201202-519 // NVD: CVE-2012-5001

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-5001
value: HIGH

Trust: 1.0

CNNVD: CNNVD-201202-519
value: HIGH

Trust: 0.6

VULMON: CVE-2012-5001
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2012-5001
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

sources: VULMON: CVE-2012-5001 // CNNVD: CNNVD-201202-519 // NVD: CVE-2012-5001

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2012-5001

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201202-519

TYPE

Unknown

Trust: 0.3

sources: BID: 52205

PATCH

title:Patch for Unknown remote code execution vulnerability in Hitachi JP1 / Cm2 / Network Node Manager iurl:https://www.cnvd.org.cn/patchInfo/show/11631

Trust: 0.6

sources: CNVD: CNVD-2012-0932

EXTERNAL IDS

db:BIDid:52205

Trust: 2.6

db:SECUNIAid:48201

Trust: 2.5

db:HITACHIid:HS12-009

Trust: 2.1

db:NVDid:CVE-2012-5001

Trust: 2.0

db:OSVDBid:79685

Trust: 1.7

db:OSVDBid:79686

Trust: 1.7

db:CNVDid:CNVD-2012-0932

Trust: 0.6

db:XFid:73545

Trust: 0.6

db:CNNVDid:CNNVD-201202-519

Trust: 0.6

db:VULMONid:CVE-2012-5001

Trust: 0.1

db:PACKETSTORMid:110299

Trust: 0.1

sources: CNVD: CNVD-2012-0932 // VULMON: CVE-2012-5001 // BID: 52205 // PACKETSTORM: 110299 // CNNVD: CNNVD-201202-519 // NVD: CVE-2012-5001

REFERENCES

url:http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-009/index.html

Trust: 2.0

url:http://www.securityfocus.com/bid/52205

Trust: 1.8

url:http://osvdb.org/79686

Trust: 1.7

url:http://secunia.com/advisories/48201

Trust: 1.7

url:http://osvdb.org/79685

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/73545

Trust: 1.1

url:http://secunia.com/advisories/48201/

Trust: 0.7

url:http://xforce.iss.net/xforce/xfdb/73545

Trust: 0.6

url:http://www.hitachi.co.jp/

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=48201

Trust: 0.1

url:http://secunia.com/psi_30_beta_launch

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://www.hitachi.co.jp/prod/comp/soft1/security/info/./vuls/hs12-009/index.html

Trust: 0.1

url:http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/./vuls/hs12-009/index.html

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/advisories/48201/#comments

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: CNVD: CNVD-2012-0932 // VULMON: CVE-2012-5001 // BID: 52205 // PACKETSTORM: 110299 // CNNVD: CNNVD-201202-519 // NVD: CVE-2012-5001

CREDITS

Hitachi

Trust: 0.9

sources: BID: 52205 // CNNVD: CNNVD-201202-519

SOURCES

db:CNVDid:CNVD-2012-0932
db:VULMONid:CVE-2012-5001
db:BIDid:52205
db:PACKETSTORMid:110299
db:CNNVDid:CNNVD-201202-519
db:NVDid:CVE-2012-5001

LAST UPDATE DATE

2024-08-14T14:34:27.741000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2012-0932date:2012-03-02T00:00:00
db:VULMONid:CVE-2012-5001date:2017-08-29T00:00:00
db:BIDid:52205date:2012-09-21T18:20:00
db:CNNVDid:CNNVD-201202-519date:2012-03-02T00:00:00
db:NVDid:CVE-2012-5001date:2017-08-29T01:32:27.447

SOURCES RELEASE DATE

db:CNVDid:CNVD-2012-0932date:2012-03-02T00:00:00
db:VULMONid:CVE-2012-5001date:2012-09-19T00:00:00
db:BIDid:52205date:2012-02-29T00:00:00
db:PACKETSTORMid:110299date:2012-02-29T06:28:42
db:CNNVDid:CNNVD-201202-519date:2012-02-29T00:00:00
db:NVDid:CVE-2012-5001date:2012-09-19T19:55:08.983