Vulnerabilities > Hitachi

DATE CVE VULNERABILITY TITLE RISK
2023-01-17 CVE-2020-36611 Incorrect Default Permissions vulnerability in Hitachi Tuning Manager
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-00.
local
low complexity
hitachi CWE-276
7.1
2023-01-05 CVE-2021-40341 Inadequate Encryption Strength vulnerability in multiple products
DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt user credentials used to access the Network Elements.
local
low complexity
hitachienergy hitachi CWE-326
5.5
2022-12-06 CVE-2022-34881 Information Exposure Through an Error Message vulnerability in Hitachi Jp1/Automatic Operation
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1/Automatic Operation allows local users to gain sensitive information.
local
low complexity
hitachi CWE-209
3.3
2022-11-02 CVE-2021-45448 Path Traversal vulnerability in Hitachi Vantara Pentaho 8.3.0.0/8.3.0.9
Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 using the Pentaho Analyzer plugin exposes a service endpoint for templates which allows a user-supplied path to access resources that are out of bounds.
network
low complexity
hitachi CWE-22
6.5
2022-11-02 CVE-2021-45446 Exposure of Resource to Wrong Sphere vulnerability in Hitachi Vantara Pentaho 8.3.0.0/8.3.0.9
A vulnerability in Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 does not cascade the hidden property to the children of the Home folder.
network
low complexity
hitachi CWE-668
7.5
2022-11-02 CVE-2021-45447 Cleartext Transmission of Sensitive Information vulnerability in Hitachi Vantara Pentaho 8.3.0.0/8.3.0.9
Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.2 and 8.3.0.25 with the Data Lineage feature enabled transmits database passwords in clear text.
network
low complexity
hitachi CWE-319
7.5
2022-11-01 CVE-2020-36605 Incorrect Default Permissions vulnerability in Hitachi products
Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files.
local
low complexity
hitachi CWE-276
4.4
2022-11-01 CVE-2022-3191 Information Exposure Through Log Files vulnerability in Hitachi OPS Center Analyzer
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Analyzer on Linux (Virtual Strage Software Agent component) allows local users to gain sensitive information.
local
low complexity
hitachi CWE-532
5.5
2022-11-01 CVE-2022-41552 Server-Side Request Forgery (SSRF) vulnerability in Hitachi products
Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Data Center Analytics, Analytics probe components), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe components) allows Server Side Request Forgery.
network
low complexity
hitachi CWE-918
critical
9.8
2022-11-01 CVE-2022-41553 Information Exposure Through Log Files vulnerability in Hitachi products
Insertion of Sensitive Information into Temporary File vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer probe component) allows local users to gain sensitive information.
local
low complexity
hitachi CWE-532
5.5