Unspecified vulnerability in Hitachi Cosminexus Component Container 07-00 through 07-00-10, and 07-10 through 07-10-03, as used in uCosminexus Application Server Enterprise and Standard; uCosminexus Service Platform; uCosminexus Developer Standard and Professional; uCosminexus Service Architect; Electronic Form Workflow Standard Set, Professional Library Set, and Developer Client Set; and uCosminexus ERP Integrator, does not properly manage session information, which has an unspecified impact related to "unintended other requests."
Conclusion & alert: CVE-2007-1854 is rated Moderate Risk (43.4/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 1.23%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.58% | 1.23% | +0.66% |
| 2 | 2025-06-18 | 0.54% | 0.58% | +0.04% |
| 3 | 2025-03-30 | — | 0.54% | — |
Full EPSS history (12 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 5.0 | 2.0 | MEDIUM |
|
10.0 | 2.9 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| hitachi | cosminexus_component_container | 07_00_11 | cpe:2.3:a:hitachi:cosminexus_component_container:07_00_11:*:aix:*:*:*:*:* |
| hitachi | cosminexus_component_container | 07_00_11 | cpe:2.3:a:hitachi:cosminexus_component_container:07_00_11:*:hp-ux_ipf:*:*:*:*:* |
| hitachi | cosminexus_component_container | 07_00_11 | cpe:2.3:a:hitachi:cosminexus_component_container:07_00_11:*:linux:*:*:*:*:* |
| hitachi | cosminexus_component_container | 07_00_11 | cpe:2.3:a:hitachi:cosminexus_component_container:07_00_11:*:windows:*:*:*:*:* |
| hitachi | cosminexus_component_container | 07_10_04 | cpe:2.3:a:hitachi:cosminexus_component_container:07_10_04:*:aix:*:*:*:*:* |
| hitachi | cosminexus_component_container | 07_10_04 | cpe:2.3:a:hitachi:cosminexus_component_container:07_10_04:*:hp-ux:*:*:*:*:* |
| hitachi | cosminexus_component_container | 07_10_04 | cpe:2.3:a:hitachi:cosminexus_component_container:07_10_04:*:hp-ux_ipf:*:*:*:*:* |
| hitachi | cosminexus_component_container | 07_10_04 | cpe:2.3:a:hitachi:cosminexus_component_container:07_10_04:*:linux:*:*:*:*:* |
| hitachi | cosminexus_component_container | 07_10_04 | cpe:2.3:a:hitachi:cosminexus_component_container:07_10_04:*:linux_ipf:*:*:*:*:* |
| hitachi | cosminexus_component_container | 07_10_04 | cpe:2.3:a:hitachi:cosminexus_component_container:07_10_04:*:windows:*:*:*:*:* |
| hitachi | electronic_form_workflow | — | cpe:2.3:a:hitachi:electronic_form_workflow:*:*:developer_client_set:*:*:*:*:* |
| hitachi | electronic_form_workflow | — | cpe:2.3:a:hitachi:electronic_form_workflow:*:*:professional_library_set:*:*:*:*:* |
| hitachi | electronic_form_workflow | — | cpe:2.3:a:hitachi:electronic_form_workflow:*:*:standard_set:*:*:*:*:* |
| hitachi | ucosminexus_application_server | — | cpe:2.3:a:hitachi:ucosminexus_application_server:*:*:enterprise:*:*:*:*:* |
| hitachi | ucosminexus_application_server | — | cpe:2.3:a:hitachi:ucosminexus_application_server:*:*:standard:*:*:*:*:* |
| hitachi | ucosminexus_developer | — | cpe:2.3:a:hitachi:ucosminexus_developer:*:*:professional:*:*:*:*:* |
| hitachi | ucosminexus_developer | — | cpe:2.3:a:hitachi:ucosminexus_developer:*:*:standard:*:*:*:*:* |
| hitachi | ucosminexus_erp_integrator | — | cpe:2.3:a:hitachi:ucosminexus_erp_integrator:*:*:*:*:*:*:*:* |
| hitachi | ucosminexus_service_architect | — | cpe:2.3:a:hitachi:ucosminexus_service_architect:*:*:*:*:*:*:*:* |
| hitachi | ucosminexus_service_platform | — | cpe:2.3:a:hitachi:ucosminexus_service_platform:*:*:*:*:*:*:*:* |