Vulnerabilities > Hitachi
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-29 | CVE-2020-24666 | Cross-site Scripting vulnerability in Hitachi Vantara Pentaho The Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x contains a stored Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. | 5.4 |
| 2021-01-29 | CVE-2020-24665 | XML Entity Expansion vulnerability in Hitachi Vantara Pentaho 7.0.0/8.0.0 The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains an XML Entity Expansion injection vulnerability, which allows an authenticated remote users to trigger a denial of service (DoS) condition. | 6.5 |
| 2021-01-29 | CVE-2020-24664 | Cross-site Scripting vulnerability in Hitachi Vantara Pentaho 7.0.0/8.0.0 The dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. | 5.4 |
| 2020-02-14 | CVE-2018-21033 | Improper Input Validation vulnerability in Hitachi products A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00 and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets (CSS) token sequence. | 6.5 |
| 2020-02-14 | CVE-2018-21032 | Information Exposure Through an Error Message vulnerability in Hitachi products A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and Hitachi Automation Director prior to 8.5.0-00 allow authenticated remote users to expose technical information through error messages. | 4.3 |
| 2019-11-12 | CVE-2019-17360 | Resource Exhaustion vulnerability in Hitachi products A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 allows an unauthenticated remote user to trigger a denial of service (DoS) condition because of Uncontrolled Resource Consumption. | 7.5 |
| 2019-11-12 | CVE-2018-21026 | Information Exposure vulnerability in Hitachi products A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.6.5-00 allows an unauthenticated remote user to read internal information. | 7.5 |
| 2018-08-09 | CVE-2018-14735 | Information Exposure vulnerability in Hitachi products An Information Exposure issue was discovered in Hitachi Command Suite 8.5.3. | 7.5 |
| 2017-05-29 | CVE-2017-9298 | Cross-site Scripting vulnerability in Hitachi Device Manager Cross-site scripting vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to execute arbitrary JavaScript code. | 5.4 |
| 2017-05-29 | CVE-2017-9297 | Open Redirect vulnerability in Hitachi Device Manager Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to redirect users to arbitrary web sites. | 6.1 |