Vulnerability Details CVE-2014-4188
Cross-site request forgery (CSRF) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.8%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/58528
- http://secunia.com/advisories/58899
- http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-013/index.html
- http://www.securityfocus.com/bid/68015
- http://secunia.com/advisories/58528
- http://secunia.com/advisories/58899
- http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-013/index.html
- http://www.securityfocus.com/bid/68015
Products affected by CVE-2014-4188
-
cpe:2.3:a:hitachi:jp1/performance_management-manager_web_option:07-00
-
cpe:2.3:a:hitachi:jp1/performance_management-manager_web_option:07-54
-
cpe:2.3:a:hitachi:tuning_manager:6.0.0
-
cpe:2.3:a:hitachi:tuning_manager:7.1.0
-
cpe:2.3:a:hitachi:tuning_manager:7.6.1
-
cpe:2.3:a:hitachi:tuning_manager:8.0.0