Vulnerabilities > Hitachi
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-11-21 | CVE-2005-3723 | Denial-Of-Service vulnerability in Hitachi Ip5000 Voip Wifi Phone 1.5.6 Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not allow the user to disable access to (1) SNMP or (2) TCP port 3390, which allows remote attackers to modify configuration using CVE-2005-3722, or access the Unidata Shell to obtain sensitive information or cause a denial of service. | 7.5 |
| 2005-11-21 | CVE-2005-3722 | Remote Security vulnerability in Ip5000 Voip Wifi Phone The SNMP v1/v2c daemon in Hitachi IP5000 VOIP WIFI Phone 1.5.6 allows remote attackers to gain read or write access to system configuration using arbitrary SNMP credentials. | 7.5 |
| 2005-11-21 | CVE-2005-3721 | Remote Security vulnerability in Ip5000 Voip Wifi Phone The default configuration of the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not require authentication for sensitive configuration pages, which allows remote attackers to modify configuration. | 5.0 |
| 2005-11-21 | CVE-2005-3720 | Information Disclosure vulnerability in Hitachi Ip5000 Voip Wifi Phone 1.5.6 The default index page in the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 lists sensitive information such as software versions. | 5.0 |
| 2005-11-21 | CVE-2005-3719 | Information Disclosure vulnerability in Hitachi Ip5000 Voip Wifi Phone 1.5.6 Hitachi IP5000 VOIP WIFI Phone 1.5.6 has a hard-coded administrator password of "0000", which allows attackers with physical access to obtain sensitive information and modify the phone's configuration. | 4.6 |
| 2005-05-31 | CVE-2005-0356 | Remote Denial Of Service vulnerability in Multiple Vendor TCP Timestamp PAWS Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. | 5.0 |
| 2004-12-31 | CVE-2004-2499 | Denial Of Service vulnerability in Hitachi Web Page Generator Unspecified vulnerability in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier allows remote attackers to cause a denial of service via unknown attack vectors when a web site is "improperly accessed." | 7.8 |
| 2004-12-31 | CVE-2004-2498 | Cross-Site Scripting and Information Disclosure vulnerability in Hitachi Web Page Generator Unspecified vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to determine internal directory structures via unknown attack vectors. | 5.0 |
| 2004-12-31 | CVE-2004-2497 | Cross-Site Scripting and Information Disclosure vulnerability in Hitachi Web Page Generator Cross-site scripting (XSS) vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. network hitachi | 4.3 |
| 2004-12-31 | CVE-2004-2493 | Cross-Site Scripting And Directory Traversal vulnerability in Hitachi products Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter. | 4.0 |