CVE-2004-2421

Unknown vulnerability in Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7, when running on HP-UX in trusted mode, allows attackers to bypass authentication and gain administrator rights.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/12050	Patch Vendor Advisory
http://securitytracker.com/id?1011023	Patch
http://www.hitachi-support.com/security_e/vuls_e/HS04-004_e/index-e.html
http://www.securityfocus.com/bid/11012
https://exchange.xforce.ibmcloud.com/vulnerabilities/17074

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:hitachi:jp1_p-1b41-9461:06_00_h:::::::*
	cpe:2.3:h:hitachi:jp1_p-1b41-9461:06_01_d:::::::*
	cpe:2.3:h:hitachi:jp1_p-1b41-9461:06_02-b:::::::*
	cpe:2.3:h:hitachi:jp1_p-1b41-9461:06_02_c:::::::*
	cpe:2.3:h:hitachi:jp1_p-1b41-9471:07_00_a:::::::*
	cpe:2.3:h:hitachi:jp1_p-1b41-9471:07_10:::::::*
	cpe:2.3:h:hitachi:jp1_p-1b41-9471:07_10_a:::::::*
	cpe:2.3:h:hitachi:jp1_p-1j41-9471:07_00:::::::*
	cpe:2.3:h:hitachi:jp1_p-1j41-9471:07_10:::::::*
	cpe:2.3:h:hitachi:jp1_p-1j41-9471:07_10_a:::::::*

History

No history.

Information

Published : 2004-12-31 05:00

Updated : 2023-12-10 10:28

NVD link : CVE-2004-2421

Mitre link : CVE-2004-2421

CVE.ORG link : CVE-2004-2421

JSON object : View

Products Affected

hitachi

jp1_p-1b41-9471
jp1_p-1b41-9461
jp1_p-1j41-9471

CWE

NVD-CWE-Other

{"id": "CVE-2004-2421", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2004-12-31T05:00:00.000", "references": [{"url": "http://secunia.com/advisories/12050", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1011023", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.hitachi-support.com/security_e/vuls_e/HS04-004_e/index-e.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/11012", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17074", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Unknown vulnerability in Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7, when running on HP-UX in trusted mode, allows attackers to bypass authentication and gain administrator rights."}], "lastModified": "2017-07-11T01:31:52.810", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:jp1_p-1b41-9461:06_00_h:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "977E01EB-036F-49E2-BE3A-91C1A5FF26CB"}, {"criteria": "cpe:2.3:h:hitachi:jp1_p-1b41-9461:06_01_d:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D556582-B310-4069-A8AB-08A705189EF6"}, {"criteria": "cpe:2.3:h:hitachi:jp1_p-1b41-9461:06_02-b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90950497-D98C-4C4A-A2F3-0A6BD701046D"}, {"criteria": "cpe:2.3:h:hitachi:jp1_p-1b41-9461:06_02_c:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68D228A5-32F4-473C-A6DE-7B8E99EE976F"}, {"criteria": "cpe:2.3:h:hitachi:jp1_p-1b41-9471:07_00_a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "124BCA5F-7A2E-4C7C-8BCE-8F4572B320FB"}, {"criteria": "cpe:2.3:h:hitachi:jp1_p-1b41-9471:07_10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B6A1C06-59BC-44F5-AA99-1BD64FAC60BC"}, {"criteria": "cpe:2.3:h:hitachi:jp1_p-1b41-9471:07_10_a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C66D7A9C-60A4-4F53-BA70-A0656AC4875F"}, {"criteria": "cpe:2.3:h:hitachi:jp1_p-1j41-9471:07_00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C71A731A-E284-41D7-A919-1AE46DAA48D3"}, {"criteria": "cpe:2.3:h:hitachi:jp1_p-1j41-9471:07_10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83BDD11F-B950-470A-9A11-174E10FBD066"}, {"criteria": "cpe:2.3:h:hitachi:jp1_p-1j41-9471:07_10_a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "254BA743-1DE5-4BD9-8BE3-979583852321"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}