Vulnerabilities > Hitachi > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-01-29 CVE-2020-24665 XML Entity Expansion vulnerability in Hitachi Vantara Pentaho 7.0.0/8.0.0
The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains an XML Entity Expansion injection vulnerability, which allows an authenticated remote users to trigger a denial of service (DoS) condition.
network
low complexity
hitachi CWE-776
6.5
2021-01-29 CVE-2020-24664 Cross-site Scripting vulnerability in Hitachi Vantara Pentaho 7.0.0/8.0.0
The dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code.
network
low complexity
hitachi CWE-79
5.4
2020-02-14 CVE-2018-21033 Improper Input Validation vulnerability in Hitachi products
A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00 and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets (CSS) token sequence.
network
low complexity
hitachi CWE-20
6.5
2020-02-14 CVE-2018-21032 Information Exposure Through an Error Message vulnerability in Hitachi products
A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and Hitachi Automation Director prior to 8.5.0-00 allow authenticated remote users to expose technical information through error messages.
network
low complexity
hitachi CWE-209
4.3
2017-05-29 CVE-2017-9298 Cross-site Scripting vulnerability in Hitachi Device Manager
Cross-site scripting vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to execute arbitrary JavaScript code.
network
low complexity
hitachi CWE-79
5.4
2017-05-29 CVE-2017-9297 Open Redirect vulnerability in Hitachi Device Manager
Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to redirect users to arbitrary web sites.
network
low complexity
hitachi CWE-601
6.1
2017-05-29 CVE-2017-9296 Open Redirect vulnerability in Hitachi Device Manager
Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Tuning Manager before 8.5.2-00 allows remote attackers to redirect authenticated users to arbitrary web sites.
network
low complexity
hitachi CWE-601
6.1
2017-05-29 CVE-2017-9295 XXE vulnerability in Hitachi Device Manager
XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to read arbitrary files.
network
low complexity
hitachi CWE-611
6.5