Vulnerabilities > Hitachi
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-29 | CVE-2022-37680 | Missing Authentication for Critical Function vulnerability in Hitachi Hc-Ip9100Hd Firmware 1.07 An improper authentication for critical function issue in Hitachi Kokusai Electric Network products for monitoring system (Camera, Decoder and Encoder) and bellow allows attckers to remotely reboot the device via a crafted POST request to the endpoint /ptipupgrade.cgi. | 7.5 |
| 2022-08-29 | CVE-2022-37681 | Path Traversal vulnerability in Hitachi Hc-Ip9100Hd Firmware 1.07 Hitachi Kokusai Electric Newtork products for monitoring system (Camera, Decoder and Encoder) and below allows attckers to perform a directory traversal via a crafted GET request to the endpoint /ptippage.cgi. | 7.5 |
| 2022-01-28 | CVE-2021-40338 | Information Exposure Through an Error Message vulnerability in Hitachi Linkone Hitachi Energy LinkOne product, has a vulnerability due to a web server misconfiguration, that enables debug mode and reveals the full path of the filesystem directory when an attacker generates errors during a query operation. | 5.3 |
| 2022-01-28 | CVE-2021-40339 | Unspecified vulnerability in Hitachi Linkone Configuration vulnerability in Hitachi Energy LinkOne application due to the lack of HTTP Headers, allows an attacker that manages to exploit this vulnerability to retrieve sensitive information. | 7.5 |
| 2022-01-28 | CVE-2021-40340 | Information Exposure vulnerability in Hitachi Linkone Information Exposure vulnerability in Hitachi Energy LinkOne application, due to a misconfiguration in the ASP server exposes server and ASP.net information, an attacker that manages to exploit this vulnerability can use the exposed information as a reconnaissance for further exploitation. | 7.5 |
| 2022-01-25 | CVE-2021-40337 | Cross-site Scripting vulnerability in Hitachi Linkone Cross-site Scripting (XSS) vulnerability in Hitachi Energy LinkOne allows an attacker that manages to exploit the vulnerability can take advantage to exploit multiple web attacks and stole sensitive information. | 5.4 |
| 2021-11-08 | CVE-2021-31599 | Unrestricted Upload of File with Dangerous Type vulnerability in Hitachi products An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. | 8.8 |
| 2021-11-08 | CVE-2021-31600 | Files or Directories Accessible to External Parties vulnerability in Hitachi products An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. | 4.3 |
| 2021-11-08 | CVE-2021-31601 | Unspecified vulnerability in Hitachi products An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. | 6.5 |
| 2021-11-08 | CVE-2021-31602 | Improper Authentication vulnerability in Hitachi products An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. | 7.5 |