Vulnerabilities > Hitachi > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-28 | CVE-2020-36652 | Incorrect Default Permissions vulnerability in Hitachi products Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer, Analyzer probe server components), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files. This issue affects Hitachi Automation Director: from 8.2.0-00 through 10.6.1-00; Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.0.0-00; Hitachi Ops Center Automator: before 10.9.1-00; Hitachi Ops Center Analyzer: before 10.9.1-00; Hitachi Ops Center Viewpoint: before 10.9.1-00. | 7.1 |
| 2023-02-28 | CVE-2022-3884 | Incorrect Default Permissions vulnerability in Hitachi OPS Center Analyzer 10.9.000 Incorrect Default Permissions vulnerability in Hitachi Ops Center Analyzer on Windows (Hitachi Ops Center Analyzer RAID Agent component) allows local users to read and write specific files.This issue affects Hitachi Ops Center Analyzer: from 10.9.0-00 before 10.9.0-01. | 7.1 |
| 2023-02-28 | CVE-2022-4895 | Improper Certificate Validation vulnerability in Hitachi products Improper Certificate Validation vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component) allows Man in the Middle Attack.This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.1-00. | 8.1 |
| 2023-01-31 | CVE-2022-4041 | Improper Privilege Management vulnerability in Hitachi Storage Plug-In 04.8.0/04.9.0 Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.8.0 before 04.9.1. | 8.8 |
| 2023-01-31 | CVE-2022-4441 | Improper Privilege Management vulnerability in Hitachi Storage Plug-In 04.8.0/04.9.0 Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.9.0 before 04.9.1. | 8.8 |
| 2023-01-17 | CVE-2020-36611 | Incorrect Default Permissions vulnerability in Hitachi Tuning Manager Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-00. | 7.1 |
| 2022-11-02 | CVE-2021-45446 | Improper Preservation of Permissions vulnerability in Hitachi Vantara Pentaho 8.3.0.0/8.3.0.9 A vulnerability in Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 does not cascade the hidden property to the children of the Home folder. This directory listing provides an attacker with the complete index of all the resources located inside the directory. | 7.5 |
| 2022-11-02 | CVE-2021-45447 | Cleartext Transmission of Sensitive Information vulnerability in Hitachi Vantara Pentaho 8.3.0.0/8.3.0.9 Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.2 and 8.3.0.25 with the Data Lineage feature enabled transmits database passwords in clear text. The transmission of sensitive data in clear text allows unauthorized actors with access to the network to sniff and obtain sensitive information that can be later used to gain unauthorized access. | 7.5 |
| 2022-10-06 | CVE-2022-2637 | Improper Privilege Management vulnerability in Hitachi Storage Plug-In 04.8.0 Incorrect Privilege Assignment vulnerability in Hitachi Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation.This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.8.0 before 04.9.0. | 8.8 |
| 2022-09-06 | CVE-2022-34883 | OS Command Injection vulnerability in Hitachi Raid Manager Storage Replication Adapter OS Command Injection vulnerability in Hitachi RAID Manager Storage Replication Adapter allows remote authenticated users to execute arbitrary OS commands. | 8.8 |