First published: Mon Feb 09 2015(Updated: )
Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manager before 7.6.1-08 and 8.x before 8.1.2-00, as used in Hitachi Command Suite, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Hitachi Device Manager | <=8.1.1 | |
Hitachi Replication Manager | <=8.1.1 | |
Hitachi Tiered Storage Manager | <=8.1.1 | |
Microsoft Windows | ||
openSUSE Leap | ||
Red Hat Enterprise Linux | ||
Hitachi Compute Systems Manager | <=7.6.1 | |
Hitachi Compute Systems Manager | =8.0.0 | |
Hitachi Compute Systems Manager | =8.1.0 | |
Hitachi Compute Systems Manager | =8.1.1 | |
Hitachi Global Link Manager | <=8.1.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2015-1565 is classified as a high severity vulnerability due to its potential for cross-site scripting attacks.
To mitigate CVE-2015-1565, upgrade to Hitachi Device Manager, Replication Manager, Tiered Storage Manager, Global Link Manager version 8.1.2-00 or later, and Compute Systems Manager version 7.6.1-08 or later.
CVE-2015-1565 affects Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager versions prior to 8.1.2-00, and Compute Systems Manager versions prior to 7.6.1-08 and 8.x prior to 8.1.2-00.
Yes, CVE-2015-1565 is exploitable remotely, allowing attackers to execute cross-site scripting attacks.
CVE-2015-1565 can facilitate cross-site scripting (XSS) attacks, potentially allowing attackers to steal session cookies or perform actions on behalf of users.