Vulnerability Name:

CVE-2010-4773 (CCN-63278)

Assigned:2010-11-16
Published:2010-11-16
Updated:2017-08-17
Summary:Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D 2010.11.15 and 05-10-CA (* 2) 2010.11.15; Hitachi EUR Form Service before 05-10 -/D 2010.11.15; and uCosminexus EUR Form Service before 07-60 -/D 2010.11.15 on Windows, before 05-10 -/D 2010.11.15 and 07-50 -/D 2010.11.15 on Linux, and before 07-50 -/C 2010.11.15 on AIX; allows remote attackers to execute arbitrary code via unknown attack vectors.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2010-4773

Source: OSVDB
Type: UNKNOWN
69363

Source: CCN
Type: SA42207
Hitachi EUR Products Unspecified Code Execution Vulnerability

Source: SECUNIA
Type: Vendor Advisory
42207

Source: CCN
Type: Hitachi Security Vulnerability Information HS10-027
EUR Form Client

Source: CONFIRM
Type: UNKNOWN
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-027/index.html

Source: CCN
Type: OSVDB ID: 69363
Hitachi EUR Multiple Products Unspecified Arbitrary Code Execution

Source: CCN
Type: BID-44845
Hitachi Multiple Products Unspecified Remote Code Execution Vulnerability

Source: VUPEN
Type: Vendor Advisory
ADV-2010-2989

Source: XF
Type: UNKNOWN
hitachi-unspec-code-execution(63278)

Source: XF
Type: UNKNOWN
hitachi-unspec-code-execution(63278)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:hitachi:eur_form_client:01-00:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:eur_form_client:01-05-/c(*1):*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:eur_form_client:05-00:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:eur_form_client:05-10-/b:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:eur_form_client:05-10-a:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:eur_form_client:05-10-aa:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:eur_form_client:05-10-b:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:eur_form_client:05-10-c:*:*:*:*:*:*:*
  • AND
  • cpe:/o:microsoft:windows:*:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:hitachi:eur_form_service:01-00:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:eur_form_service:01-05(*1):*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:eur_form_service:05-00:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:eur_form_service:05-10-/b:*:*:*:*:*:*:*
  • AND
  • cpe:/o:microsoft:windows:*:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/a:hitachi:ucosminexus_eur_form_service:07-50:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:ucosminexus_eur_form_service:07-60-/c:*:*:*:*:*:*:*
  • AND
  • cpe:/o:microsoft:windows:*:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/a:hitachi:ucosminexus_eur_form_service:05-05:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:ucosminexus_eur_form_service:05-10-/b:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:ucosminexus_eur_form_service:07-50:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:ucosminexus_eur_form_service:07-50-/c:*:*:*:*:*:*:*
  • AND
  • cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:*

    • Configuration 5:
  • cpe:/a:hitachi:ucosminexus_eur_form_service:07-50:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:ucosminexus_eur_form_service:07-50-/c:*:*:*:*:*:*:*
  • AND
  • cpe:/o:ibm:aix:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:hitachi:eur_form_client:01-00:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:eur_form_service:01-00:*:*:*:*:*:*:*
  • OR cpe:/a:hitachi:ucosminexus_eur_form_service:05-05:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    hitachi eur form client 01-00
    hitachi eur form client 01-05-/c(*1)
    hitachi eur form client 05-00
    hitachi eur form client 05-10-/b
    hitachi eur form client 05-10-a
    hitachi eur form client 05-10-aa
    hitachi eur form client 05-10-b
    hitachi eur form client 05-10-c
    microsoft windows *
    hitachi eur form service 01-00
    hitachi eur form service 01-05(*1)
    hitachi eur form service 05-00
    hitachi eur form service 05-10-/b
    microsoft windows *
    hitachi ucosminexus eur form service 07-50
    hitachi ucosminexus eur form service 07-60-/c
    microsoft windows *
    hitachi ucosminexus eur form service 05-05
    hitachi ucosminexus eur form service 05-10-/b
    hitachi ucosminexus eur form service 07-50
    hitachi ucosminexus eur form service 07-50-/c
    linux linux kernel *
    hitachi ucosminexus eur form service 07-50
    hitachi ucosminexus eur form service 07-50-/c
    ibm aix *
    hitachi eur form client 01-00
    hitachi eur form service 01-00
    hitachi ucosminexus eur form service 05-05