Vulnerabilities (CVE)

Filtered by vendor Hitachi Subscribe
Total 173 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-39984 1 Hitachi 1 Eh-view 2024-09-27 N/A 7.8 HIGH
** UNSUPPORTED WHEN ASSIGNED ** Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hitachi EH-VIEW (KeypadDesigner) allows local attackers to potentially disclose information and execute arbitray code on affected EH-VIEW installations. User interaction is required to exploit the vulnerabilities in that the user must open a malicious file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2024-28984 1 Hitachi 1 Pentaho Business Analytics Server 2024-09-18 N/A 6.1 MEDIUM
Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7, including 8.3.x allow a malicious URL to inject content into the Analyzer plugin interface.
CVE-2024-28982 1 Hitachi 1 Pentaho Business Analytics Server 2024-09-18 N/A 8.2 HIGH
Hitachi Vantara Pentaho Business Analytics Server versions before 10.1.0.0 and 9.3.0.7, including 8.3.x do not correctly protect the ACL service endpoint of the Pentaho User Console against XML External Entity Reference.
CVE-2024-28983 1 Hitachi 1 Business Analytics Server 2024-09-18 N/A 6.1 MEDIUM
Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7, including 8.3.x allow a malicious URL to inject content into the Analyzer plugin interface.
CVE-2023-39986 1 Hitachi 1 Eh-view 2024-08-02 N/A 5.5 MEDIUM
** UNSUPPORTED WHEN ASSIGNED ** Out-of-bounds Read vulnerability in Hitachi EH-VIEW (Designer) allows local attackers to potentially disclose information on affected EH-VIEW installations. User interaction is required to exploit the vulnerabilities in that the user must open a malicious file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-39985 1 Hitachi 1 Eh-view 2024-08-02 N/A 7.8 HIGH
** UNSUPPORTED WHEN ASSIGNED ** Out-of-bounds Write vulnerability in Hitachi EH-VIEW (Designer) allows local attackers to potentially execute arbitray code on affected EH-VIEW installations. User interaction is required to exploit the vulnerabilities in that the user must open a malicious file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-3495 1 Hitachi 1 Eh-view 2024-08-02 N/A 7.8 HIGH
** UNSUPPORTED WHEN ASSIGNED ** Out-of-bounds Write vulnerability in Hitachi EH-VIEW (KeypadDesigner) allows local attackers to potentially execute arbitray code on affected EH-VIEW installations. User interaction is required to exploit the vulnerabilities in that the user must open a malicious file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-3335 2 Hitachi, Linux 2 Ops Center Administrator, Linux Kernel 2024-03-07 N/A 5.5 MEDIUM
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator on Linux allows local users  to gain sensitive information.This issue affects Hitachi Ops Center Administrator: before 10.9.3-00.
CVE-2024-21840 1 Hitachi 1 Storage Plug-in 2024-02-06 N/A 7.1 HIGH
Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows local users to read and write specific files. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 through 04.9.2.
CVE-2023-49106 3 Hitachi, Linux, Microsoft 3 Device Manager, Linux Kernel, Windows 2024-02-05 N/A 7.5 HIGH
Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before 8.8.5-04.
CVE-2023-5808 2 Hitachi, Microsoft 2 Vantara Hitachi Network Attached Storage, Windows 2024-02-05 N/A 6.5 MEDIUM
SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role.
CVE-2023-6538 1 Hitachi 2 System Management Unit, System Management Unit Firmware 2024-02-05 N/A 6.5 MEDIUM
SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to those specific administrative roles.
CVE-2023-6457 1 Hitachi 1 Tuning Manager 2024-02-05 N/A 7.1 HIGH
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning Manager server component) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-04.
CVE-2023-3517 1 Hitachi 1 Pentaho Data Integration And Analytics 2024-02-05 N/A 8.8 HIGH
Hitachi Vantara Pentaho Data Integration & Analytics versions before 9.5.0.1 and 9.3.0.5, including 8.3.x does not restrict JNDI identifiers during the creation of XActions, allowing control of system level data sources.
CVE-2023-49107 3 Hitachi, Linux, Microsoft 3 Device Manager, Linux Kernel, Windows 2024-02-05 N/A 7.5 HIGH
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent modules).This issue affects Hitachi Device Manager: before 8.8.5-04.
CVE-2020-36695 2 Hitachi, Linux 6 Compute Systems Manager, Device Manager, Replication Manager and 3 more 2024-02-05 N/A 7.8 HIGH
Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS components), Hitachi Compute Systems Manager on Linux allows File Manipulation.This issue affects Hitachi Device Manager: before 8.8.5-02; Hitachi Tiered Storage Manager: before 8.8.5-02; Hitachi Replication Manager: before 8.8.5-02; Hitachi Tuning Manager: before 8.8.5-02; Hitachi Compute Systems Manager: before 8.8.3-08.
CVE-2023-34143 3 Hitachi, Linux, Microsoft 3 Device Manager, Linux Kernel, Windows 2024-02-05 N/A 8.1 HIGH
Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before 8.8.5-02.
CVE-2022-4146 4 Hitachi, Linux, Microsoft and 1 more 4 Replication Manager, Linux Kernel, Windows and 1 more 2024-02-05 N/A 9.8 CRITICAL
Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux, Solaris allows Code Injection.This issue affects Hitachi Replication Manager: before 8.8.5-02.
CVE-2023-34142 3 Hitachi, Linux, Microsoft 3 Device Manager, Linux Kernel, Windows 2024-02-05 N/A 7.5 HIGH
Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Interception.This issue affects Hitachi Device Manager: before 8.8.5-02.
CVE-2023-1158 1 Hitachi 2 Vantara Pentaho, Vantara Pentaho Business Analytics Server 2024-02-04 N/A 4.3 MEDIUM
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including 8.3.x expose dashboard prompts to users who are not part of the authorization list.