Vulnerabilities > Hitachi

DATE CVE VULNERABILITY TITLE RISK
2017-05-29 CVE-2017-9297 Open Redirect vulnerability in Hitachi Device Manager 7.0.0/7.0.000/8.1.1
Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to redirect users to arbitrary web sites.
network
hitachi CWE-601
5.8
2017-05-29 CVE-2017-9296 Open Redirect vulnerability in Hitachi Device Manager 7.0.0/7.0.000/8.1.1
Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Tuning Manager before 8.5.2-00 allows remote attackers to redirect authenticated users to arbitrary web sites.
network
hitachi CWE-601
5.8
2017-05-29 CVE-2017-9295 XXE vulnerability in Hitachi Device Manager 7.0.0/7.0.000/8.1.1
XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to read arbitrary files.
network
low complexity
hitachi CWE-611
4.0
2017-05-29 CVE-2017-9294 Arbitrary Command Execution vulnerability in Hitachi Device Manager 7.0.0/7.0.000/8.1.1
RMI vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to execute internal commands without authentication via RMI ports.
network
low complexity
hitachi
7.5
2015-02-09 CVE-2015-1565 Cross-site Scripting vulnerability in Hitachi products
Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manager before 7.6.1-08 and 8.x before 8.1.2-00, as used in Hitachi Command Suite, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4.3
2014-06-17 CVE-2014-4189 Cross-Site Scripting vulnerability in Hitachi products
Cross-site scripting (XSS) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
hitachi CWE-79
4.3
2014-06-17 CVE-2014-4188 Cross-Site Request Forgery (CSRF) vulnerability in Hitachi products
Cross-site request forgery (CSRF) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
network
hitachi CWE-352
6.8
2013-07-31 CVE-2013-4697 Unspecified vulnerability in Hitachi products
Multiple unspecified vulnerabilities in Hitachi JP1/IT Desktop Management - Manager 09-50 through 09-50-03, 09-51 through 09-51-05, 10-00 through 10-00-02, and 10-01 through 10-01-02; Hitachi Job Management Partner 1/IT Desktop Management - Manager 09-50 through 09-50-03 and 10-01; and Hitachi IT Operations Director 02-50 through 02-50-07, 03-00 through 03-00-12, and 04-00 through 04-00-01 allow remote authenticated users to gain privileges via unknown vectors.
network
low complexity
hitachi
critical
9.0
2012-10-25 CVE-2011-5217 Path Traversal vulnerability in Hitachi products
Directory traversal vulnerability in the PXE Mtftp service in Hitachi JP1/ServerConductor/DeploymentManager before 08-55 Japanese and before 08-51 English allows remote attackers to read arbitrary files via unknown vectors.
network
low complexity
hitachi CWE-22
5.0
2012-09-19 CVE-2012-5001 Remote Code Execution vulnerability in Hitachi JP1/Cm2/Network Node Manager i
Multiple unspecified vulnerabilities in Hitachi JP1/Cm2/Network Node Manager i before 09-50-03 allow remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors.
network
low complexity
hitachi
7.5