Vulnerabilities > Hitachi > Device Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-29 | CVE-2017-9298 | Cross-site Scripting vulnerability in Hitachi Device Manager 7.0.0/7.0.000/8.1.1 Cross-site scripting vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to execute arbitrary JavaScript code. | 3.5 |
| 2017-05-29 | CVE-2017-9297 | Open Redirect vulnerability in Hitachi Device Manager 7.0.0/7.0.000/8.1.1 Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to redirect users to arbitrary web sites. | 5.8 |
| 2017-05-29 | CVE-2017-9296 | Open Redirect vulnerability in Hitachi Device Manager 7.0.0/7.0.000/8.1.1 Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Tuning Manager before 8.5.2-00 allows remote attackers to redirect authenticated users to arbitrary web sites. | 5.8 |
| 2017-05-29 | CVE-2017-9295 | XXE vulnerability in Hitachi Device Manager 7.0.0/7.0.000/8.1.1 XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to read arbitrary files. | 4.0 |
| 2017-05-29 | CVE-2017-9294 | Arbitrary Command Execution vulnerability in Hitachi Device Manager 7.0.0/7.0.000/8.1.1 RMI vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to execute internal commands without authentication via RMI ports. | 7.5 |
| 2015-02-09 | CVE-2015-1565 | Cross-site Scripting vulnerability in Hitachi products Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manager before 7.6.1-08 and 8.x before 8.1.2-00, as used in Hitachi Command Suite, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |