Vulnerabilities > Hitachi
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-22 | CVE-2021-20741 | Cross-site Scripting vulnerability in Hitachi Application Server V10 Manual 101101 Cross-site scripting vulnerability in Hitachi Application Server Help (Hitachi Application Server V10 Manual (Windows) version 10-11-01 and earlier and Hitachi Application Server V10 Manual (UNIX) version 10-11-01 and earlier) allows a remote attacker to inject an arbitrary script via unspecified vectors. | 4.3 |
| 2021-06-09 | CVE-2021-3196 | Improper Verification of Cryptographic Signature vulnerability in Hitachi ID Bravura Security Fabric 12.1.0 An issue was discovered in Hitachi ID Bravura Security Fabric 11.0.0 through 11.1.3, 12.0.0 through 12.0.2, and 12.1.0. | 6.5 |
| 2021-01-29 | CVE-2020-24670 | Cross-site Scripting vulnerability in Hitachi Vantara Pentaho 7.0.0/8.0.0 The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. | 3.5 |
| 2021-01-29 | CVE-2020-24669 | Cross-site Scripting vulnerability in Hitachi Vantara Pentaho The New Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x contains a DOM-based Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. | 3.5 |
| 2021-01-29 | CVE-2020-24666 | Cross-site Scripting vulnerability in Hitachi Vantara Pentaho The Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x contains a stored Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. | 3.5 |
| 2021-01-29 | CVE-2020-24665 | XML Entity Expansion vulnerability in Hitachi Vantara Pentaho 7.0.0/8.0.0 The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains an XML Entity Expansion injection vulnerability, which allows an authenticated remote users to trigger a denial of service (DoS) condition. | 4.0 |
| 2021-01-29 | CVE-2020-24664 | Cross-site Scripting vulnerability in Hitachi Vantara Pentaho 7.0.0/8.0.0 The dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. | 3.5 |
| 2020-02-14 | CVE-2018-21033 | Improper Input Validation vulnerability in Hitachi products A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00 and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets (CSS) token sequence. | 4.0 |
| 2020-02-14 | CVE-2018-21032 | Information Exposure Through an Error Message vulnerability in Hitachi products A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and Hitachi Automation Director prior to 8.5.0-00 allow authenticated remote users to expose technical information through error messages. | 4.0 |
| 2019-11-12 | CVE-2019-17360 | Resource Exhaustion vulnerability in Hitachi products A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 allows an unauthenticated remote user to trigger a denial of service (DoS) condition because of Uncontrolled Resource Consumption. | 5.0 |