Vulnerabilities > Hitachi
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-25 | CVE-2021-40337 | Cross-site Scripting vulnerability in Hitachi Linkone Cross-site Scripting (XSS) vulnerability in Hitachi Energy LinkOne allows an attacker that manages to exploit the vulnerability can take advantage to exploit multiple web attacks and stole sensitive information. | 5.4 |
| 2021-11-08 | CVE-2021-31599 | Unrestricted Upload of File with Dangerous Type vulnerability in Hitachi products An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. | 8.8 |
| 2021-11-08 | CVE-2021-31600 | Files or Directories Accessible to External Parties vulnerability in Hitachi products An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. | 4.3 |
| 2021-11-08 | CVE-2021-31601 | Unspecified vulnerability in Hitachi products An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. | 6.5 |
| 2021-11-08 | CVE-2021-31602 | Improper Authentication vulnerability in Hitachi products An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. | 7.5 |
| 2021-11-08 | CVE-2021-34684 | SQL Injection vulnerability in Hitachi Vantara Pentaho Hitachi Vantara Pentaho Business Analytics through 9.1 allows an unauthenticated user to execute arbitrary SQL queries on any Pentaho data source and thus retrieve data from the related databases, as demonstrated by an api/repos/dashboards/editor URI. | 9.8 |
| 2021-11-08 | CVE-2021-34685 | Unrestricted Upload of File with Dangerous Type vulnerability in Hitachi Vantara Pentaho UploadService in Hitachi Vantara Pentaho Business Analytics through 9.1 does not properly verify uploaded user files, which allows an authenticated user to upload various files of different file types. | 7.2 |
| 2021-10-12 | CVE-2021-29644 | Integer Overflow or Wraparound vulnerability in Hitachi products Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution vulnerability because of an Integer Overflow. | 9.8 |
| 2021-10-12 | CVE-2021-29645 | Unspecified vulnerability in Hitachi products Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 calls the SendMessageTimeoutW API with arbitrary arguments via a local pipe, leading to a local privilege escalation vulnerability. | 7.8 |
| 2021-09-29 | CVE-2021-41573 | Files or Directories Accessible to External Parties vulnerability in Hitachi Content Platform Anywhere 4.4.5/4.5.0 Hitachi Content Platform Anywhere (HCP-AW) 4.4.5 and later allows information disclosure. | 6.5 |