First published: Tue Feb 28 2023(Updated: )
Improper Certificate Validation vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component) allows Man in the Middle Attack.This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.1-00.
Credit: hirt@hitachi.co.jp
Affected Software | Affected Version | How to fix |
---|---|---|
Hitachi Infrastructure Analytics Advisor | >=2.0.0-00<10.9.1-00 | |
Hitachi Ops Center Analyzer | >=10.0.0-00<10.9.1-00 | |
Linux Linux kernel |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-4895 is an Improper Certificate Validation vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component) and Hitachi Ops Center Analyzer on Linux (Analyzer probe component) that allows a Man in the Middle Attack.
Hitachi Infrastructure Analytics Advisor versions from 2.0.0-00 to 10.9.1-00 and Hitachi Ops Center Analyzer versions from 10.0.0-00 to 10.9.1-00 are affected by CVE-2022-4895.
CVE-2022-4895 has a severity score of 8.1, which is classified as high.
To fix CVE-2022-4895, it is recommended to apply the latest security patch or update provided by Hitachi for Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer.
More information about CVE-2022-4895 can be found on the Hitachi website at: https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-105/index.html