Vulnerabilities > Hitachi
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-26 | CVE-2024-28982 | XML Entity Expansion vulnerability in Hitachi Pentaho Business Analytics Server Hitachi Vantara Pentaho Business Analytics Server versions before 10.1.0.0 and 9.3.0.7, including 8.3.x do not correctly protect the ACL service endpoint of the Pentaho User Console against XML External Entity Reference. | 8.2 |
| 2024-06-26 | CVE-2024-28983 | Cross-site Scripting vulnerability in Hitachi Business Analytics Server Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7, including 8.3.x allow a malicious URL to inject content into the Analyzer plugin interface. | 6.1 |
| 2024-06-26 | CVE-2024-28984 | Cross-site Scripting vulnerability in Hitachi Pentaho Business Analytics Server Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7, including 8.3.x allow a malicious URL to inject content into the Analyzer plugin interface. | 6.1 |
| 2024-01-30 | CVE-2024-21840 | Incorrect Default Permissions vulnerability in Hitachi Storage Plug-In 04.8.0/04.9.0 Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows local users to read and write specific files. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 through 04.9.2. | 7.1 |
| 2024-01-16 | CVE-2023-49106 | Insufficiently Protected Credentials vulnerability in Hitachi Device Manager Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before 8.8.5-04. | 7.5 |
| 2024-01-16 | CVE-2023-49107 | Information Exposure Through an Error Message vulnerability in Hitachi Device Manager Generation of Error Message Containing Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent modules).This issue affects Hitachi Device Manager: before 8.8.5-04. | 7.5 |
| 2024-01-16 | CVE-2023-6457 | Incorrect Default Permissions vulnerability in Hitachi Tuning Manager Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning Manager server component) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-04. | 7.1 |
| 2023-12-12 | CVE-2023-3517 | Unspecified vulnerability in Hitachi Pentaho Data Integration and Analytics 1.0/9.4.0.0 Hitachi Vantara Pentaho Data Integration & Analytics versions before 9.5.0.1 and 9.3.0.5, including 8.3.x does not restrict JNDI identifiers during the creation of XActions, allowing control of system level data sources. | 8.8 |
| 2023-12-11 | CVE-2023-6538 | Unspecified vulnerability in Hitachi System Management Unit Firmware SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. | 6.5 |
| 2023-12-05 | CVE-2023-5808 | Improper Authentication vulnerability in Hitachi Vantara Hitachi Network Attached Storage SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. | 6.5 |