Description
Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter.
Product(s):
- Hitachi Groupmax World Wide Web 02 00
- Hitachi Groupmax World Wide Web 02 20
- Hitachi Groupmax World Wide Web 02_20_A
- Hitachi Groupmax World Wide Web 02_31_I
- Hitachi Groupmax World Wide Web 03_00
- Hitachi Groupmax World Wide Web 03_10_H
- Hitachi Groupmax World Wide Web 03_11_B
- Hitachi Groupmax World Wide Web 2
- Hitachi Groupmax World Wide Web 3
- Hitachi Groupmax World Wide Web Desktop 05_00
- Hitachi Groupmax World Wide Web Desktop 05_11_f
- Hitachi Groupmax World Wide Web Desktop 05_11_i
- Hitachi Groupmax World Wide Web Desktop 05_11_j
- Hitachi Groupmax World Wide Web Desktop 06_00
- Hitachi Groupmax World Wide Web Desktop 06_50_b
- Hitachi Groupmax World Wide Web Desktop 06_50_c
- Hitachi Groupmax World Wide Web Desktop 06_51
- Hitachi Groupmax World Wide Web Desktop 06_51 for Jichitai
- Hitachi Groupmax World Wide Web Desktop 06_51_b
- Hitachi Groupmax World Wide Web Desktop 06_51_c
- Hitachi Groupmax World Wide Web Desktop 06_52
- Hitachi Groupmax World Wide Web Desktop 06_52 for Jichitai
- Hitachi Groupmax World Wide Web Desktop 06_52_b
- Hitachi Groupmax World Wide Web Desktop 5
- Hitachi Groupmax World Wide Web Desktop 6
- Hitachi Groupmax World Wide Web Desktop Gold for Jichitai
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2004-2493, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2004-2493 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.