Hitachi: Security Vulnerabilities
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.6, including 9.5.x and 8.3.x, display the version of Tomcat when a server error is encountered.
CVSS Score
5.3
EPSS Score
0.004
Published
2024-02-28
Expression Language Injection vulnerability in Hitachi Global Link Manager on Windows allows Code Injection.This issue affects Hitachi Global Link Manager: before 8.8.7-03.
CVSS Score
7.6
EPSS Score
0.005
Published
2024-02-20
Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows local users to read and write specific files.
This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 through 04.9.2.
CVSS Score
7.9
EPSS Score
0.0
Published
2024-01-30
Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before 8.8.5-04.
CVSS Score
4.6
EPSS Score
0.001
Published
2024-01-16
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent modules).This issue affects Hitachi Device Manager: before 8.8.5-04.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-01-16
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning Manager server component) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-04.
CVSS Score
6.6
EPSS Score
0.0
Published
2024-01-16
Hitachi Vantara Pentaho Data Integration & Analytics versions before 9.5.0.1 and 9.3.0.5, including
8.3.x does not restrict JNDI identifiers during the creation of XActions, allowing control of system level data sources.
CVSS Score
8.5
EPSS Score
0.001
Published
2023-12-12
SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to those specific administrative roles.
CVSS Score
7.6
EPSS Score
0.053
Published
2023-12-11
SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role.
CVSS Score
7.6
EPSS Score
0.003
Published
2023-12-05
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator on Linux allows local users to gain sensitive information.This issue affects Hitachi Ops Center Administrator: before 10.9.3-00.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-10-03