Skip to main content

HiFusion v04.1.01 was released - News / Software Products - Hirschmann Support Center

APR 3 2020

HiFusion v04.1.01 was released

Security Vulnerability Corrected in version 04.1.01

                                                                                                                                                                                                                                                                                                                                       

VulnerabilityDescription
Java CVE-2020-2583Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported                 versions that are affected are Java SE and Java SE Embedded. Difficult to exploit vulnerability allows                 unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded.                 Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service                 (partial DOS) of Java SE, Java SE Embedded.
Java CVE-2020-2590Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported                 versions that are affected are Java SE and Java SE Embedded. Difficult to exploit vulnerability allows                 unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful                 attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE,                 Java SE Embedded accessible data.
Java CVE-2020-2593Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported                 versions that are affected are Java SE and Java SE Embedded. Difficult to exploit vulnerability allows                 unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded.                 Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of                 Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE                 Embedded accessible data.
Java CVE-2020-2654Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported                 versions that are affected is Java SE. Difficult to exploit    vulnerability allows unauthenticated attacker with                 network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result                 in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE.
Java CVE-2020-2659Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported                 versions that are affected are Java SE and Java SE Embedded. Difficult to exploit vulnerability    allows                 unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded.                 Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service                 (partial DOS) of Java SE, Java SE Embedded.
Java CVE-2020-2601Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported                 versions that are affected are Java SE and Java SE Embedded. Difficult to exploit vulnerability allows                 unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. While                 the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products.                 Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access                 to all Java SE, Java SE Embedded accessible data.
Java CVE-2020-2604Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported                 versions that are affected are Java SE and Java SE Embedded. Difficult to exploit vulnerability allows                 unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded.                 Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded.

            

       

New features in version 04.1.01

  

               

  • Port Generation, You can now use port mapping to control how the ports are displayed in Industrial HiVision.    

    

Issues fixed in version 04.1.01

   

  • You can find the problems, workarounds and fixes related to this release in the issue list