Vulnerabilities > Hitachi

DATE CVE VULNERABILITY TITLE RISK
2023-08-29 CVE-2023-1995 Unspecified vulnerability in Hitachi products
Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23, before 09-66-17, before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W , before 09-66-/Q ; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02.
network
low complexity
hitachi
7.5
2023-08-23 CVE-2023-39984 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hitachi Eh-View
** UNSUPPORTED WHEN ASSIGNED ** Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hitachi EH-VIEW (KeypadDesigner) allows local attackers to potentially disclose information and execute arbitray code on affected EH-VIEW installations.
local
low complexity
hitachi CWE-119
7.8
2023-08-23 CVE-2023-39985 Out-of-bounds Write vulnerability in Hitachi Eh-View
** UNSUPPORTED WHEN ASSIGNED ** Out-of-bounds Write vulnerability in Hitachi EH-VIEW (Designer) allows local attackers to potentially execute arbitray code on affected EH-VIEW installations.
local
low complexity
hitachi CWE-787
7.8
2023-08-23 CVE-2023-39986 Out-of-bounds Read vulnerability in Hitachi Eh-View
** UNSUPPORTED WHEN ASSIGNED ** Out-of-bounds Read vulnerability in Hitachi EH-VIEW (Designer) allows local attackers to potentially disclose information on affected EH-VIEW installations.
local
low complexity
hitachi CWE-125
5.5
2023-08-23 CVE-2023-3495 Out-of-bounds Write vulnerability in Hitachi Eh-View
** UNSUPPORTED WHEN ASSIGNED ** Out-of-bounds Write vulnerability in Hitachi EH-VIEW (KeypadDesigner) allows local attackers to potentially execute arbitray code on affected EH-VIEW installations.
local
low complexity
hitachi CWE-787
7.8
2023-07-18 CVE-2020-36695 Incorrect Default Permissions vulnerability in Hitachi products
Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS components), Hitachi Compute Systems Manager on Linux allows File Manipulation.This issue affects Hitachi Device Manager: before 8.8.5-02; Hitachi Tiered Storage Manager: before 8.8.5-02; Hitachi Replication Manager: before 8.8.5-02; Hitachi Tuning Manager: before 8.8.5-02; Hitachi Compute Systems Manager: before 8.8.3-08.
local
low complexity
hitachi CWE-276
7.8
2023-07-18 CVE-2022-4146 Expression Language Injection vulnerability in Hitachi Replication Manager
Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux, Solaris allows Code Injection.This issue affects Hitachi Replication Manager: before 8.8.5-02.
network
low complexity
hitachi CWE-917
critical
9.8
2023-07-18 CVE-2023-34142 Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager
Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Interception.This issue affects Hitachi Device Manager: before 8.8.5-02.
network
low complexity
hitachi CWE-319
7.5
2023-07-18 CVE-2023-34143 Improper Certificate Validation vulnerability in Hitachi Device Manager
Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before 8.8.5-02.
network
high complexity
hitachi CWE-295
8.1
2023-05-24 CVE-2022-4815 Deserialization of Untrusted Data vulnerability in Hitachi products
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including 8.3.x deserialize untrusted JSON data without constraining the parser to approved classes and methods. 
network
low complexity
hitachi CWE-502
8.8