Latest Hitachi Vulnerabilities

CVE-2024-21840
Directory and File Permission Vulnerability in Hitachi Storage Plug-in for VMware vCenter
Hitachi Storage Plug-in>=04.0.0<04.10.0
CVE-2023-6457
File and Directory Permission Vulnerability in Hitachi Tuning Manager
Hitachi Tuning Manager<8.8.5-04
CVE-2023-49107
Generation of Error Message Containing Sensitive Information Vulnerability in Hitachi Device Manager
Hitachi Device Manager<8.8.5-04
Linux Linux kernel
Microsoft Windows
CVE-2023-49106
Missing Password Field Masking Vulnerability in Hitachi Device Manager
Hitachi Device Manager<8.8.5-04
Linux Linux kernel
Microsoft Windows
CVE-2023-3517
Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection')
Hitachi Pentaho Data Integration And Analytics>=1.0<9.3.0.5
Hitachi Pentaho Data Integration And Analytics>=9.4.0.0<9.5.0.1
CVE-2023-6538
System Management Unit (SMU) versions prior to 14.8.7825.01, used to manage Hitachi Vantara NAS products is susceptible to unintended information disclosure via unprivileged access to SMU configuratio...
Hitachi System Management Unit Firmware<14.8.7825.01
Hitachi System Management Unit
CVE-2023-5808
System Management Unit (SMU) versions prior to 14.8.7825.01, used to manage Hitachi Vantara NAS products are susceptible to unintended information disclosure via unprivileged access to HNAS configurat...
Hitachi Vantara Hitachi Network Attached Storage<=14.8.7825.01
Microsoft Windows
CVE-2023-3967
Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common Services on Linux allows DoS.This issue affects Hitachi Ops Center Common Services: before 10.9.3-00.
Hitachi Ops Center Common Services<10.9.3-00
Linux Linux kernel
CVE-2023-3440
Incorrect Default Permissions vulnerability in Hitachi JP1/Performance Management on Windows allows File Manipulation.This issue affects JP1/Performance Management - Manager: from 09-00 before 12-50-0...
Hitachi Jp1\/performance Management
Microsoft Windows
CVE-2023-3335
Information Exposure Vulnerability in Hitachi Ops Center Administrator
Hitachi Ops Center Administrator<10.9.3-00
Linux Linux kernel
Hitachi Ops Center Administrator<10.9.3-00
Linux Linux kernel
CVE-2023-1995
Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-2...
Hitachi Hirdb Server With Additional Function>=09-00<=09-00-2d
Hitachi Hirdb Server With Additional Function>=09-01<=09-01-\/x
Hitachi Hirdb Server With Additional Function>=09-02<=09-02-2f
Hitachi Hirdb Server With Additional Function>=09-03<=09-03-2a
Hitachi Hirdb Server With Additional Function>=09-04<=09-04-2s
Hitachi Hirdb Server With Additional Function>=09-50<=09-50-2k
and 40 more
CVE-2023-39984
** UNSUPPORTED WHEN ASSIGNED ** Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hitachi EH-VIEW (KeypadDesigner) allows local attackers to potentially disclose...
Hitachi EH-VIEW
CVE-2023-39985
** UNSUPPORTED WHEN ASSIGNED ** Out-of-bounds Write vulnerability in Hitachi EH-VIEW (Designer) allows local attackers to potentially execute arbitray code on affected EH-VIEW installations. User inte...
Hitachi EH-VIEW
CVE-2023-3495
** UNSUPPORTED WHEN ASSIGNED ** Out-of-bounds Write vulnerability in Hitachi EH-VIEW (KeypadDesigner) allows local attackers to potentially execute arbitray code on affected EH-VIEW installations. Use...
Hitachi EH-VIEW
CVE-2023-39986
** UNSUPPORTED WHEN ASSIGNED ** Out-of-bounds Read vulnerability in Hitachi EH-VIEW (Designer) allows local attackers to potentially disclose information on affected EH-VIEW installations. User intera...
Hitachi EH-VIEW
CVE-2023-34143
Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man...
Hitachi Device Manager<8.8.5-02
Linux Linux kernel
Microsoft Windows
CVE-2023-34142
Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Intercept...
Hitachi Device Manager<8.8.5-02
Linux Linux kernel
Microsoft Windows
CVE-2022-4146
Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux, Solaris allows Code Injection.This issue affects Hitachi Replication Manager: before 8.8.5-02.
Hitachi Replication Manager<8.8.5-02
Linux Linux kernel
Microsoft Windows
Oracle Solaris
CVE-2020-36695
Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi...
Hitachi Compute Systems Manager<8.8.3-08
Hitachi Device Manager<8.8.5-02
Hitachi Replication Manager<8.8.5-02
Hitachi Tiered Storage Manager<8.8.5-02
Hitachi Tuning Manager<8.8.5-02
Linux Linux kernel
CVE-2023-1158
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including 8.3.x expose dashboard prompts to users who are not part of the authorization list. 
Hitachi Vantara Pentaho Business Analytics Server=9.4.0.0
Hitachi Vantara Pentaho Business Analytics Server>=9.3.0.0<=9.3.0.3
Hitachi Vantara Pentaho>=8.3.0.0<=8.3.0.25
CVE-2022-4815
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including 8.3.x deserialize untrusted JSON data without constraining the parser to approved classes and methods....
Hitachi Vantara Pentaho Business Analytics Server=9.4.0.0
Hitachi Vantara Pentaho Business Analytics Server>=9.3.0.0<=9.3.0.3
Hitachi Vantara Pentaho>=8.3.0.0<=8.3.0.25
CVE-2023-30469
Cross-site Scripting vulnerability in Hitachi Ops Center Analyzer (Hitachi Ops Center Analyzer detail view component) allows Reflected XSS.This issue affects Hitachi Ops Center Analyzer: from 10.9.1-0...
Hitachi Ops Center Analyzer=10.9.1-00
Linux Linux kernel
CVE-2022-4770
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2, including 8.3.x display the full parametrized SQL query in an error message when an invalid character is used w...
Hitachi Vantara Pentaho Business Analytics Server<9.3.0.2
CVE-2022-4769
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2, including 8.3.x display the target path on host when a file is uploaded with an invalid character in its name.
Hitachi Vantara Pentaho Business Analytics Server<9.3.0.2
CVE-2022-43938
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system administrator to disable scripting capabilities of Pentaho Reports (*.prp...
Hitachi Vantara Pentaho Business Analytics Server<9.3.0.2
Hitachi Vantara Pentaho Business Analytics Server=9.4.0.0
CVE-2022-43939
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented. 
Hitachi Vantara Pentaho Business Analytics Server<9.3.0.2
Hitachi Vantara Pentaho Business Analytics Server=9.4.0.0
CVE-2022-43940
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x do not correctly perform an authorization check in the data source management service.
Hitachi Vantara Pentaho Business Analytics Server<9.3.0.2
Hitachi Vantara Pentaho Business Analytics Server=9.4.0.0
CVE-2022-4771
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow a malicious URL to inject content into the Pentaho User Console through session variables...
Hitachi Vantara Pentaho Business Analytics Server<9.3.0.2
Hitachi Vantara Pentaho Business Analytics Server=9.4.0.0
CVE-2022-3960
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system administrator to disable scripting capabilities of the Community Dashboar...
Hitachi Vantara Pentaho Business Analytics Server<9.3.0.2
Hitachi Vantara Pentaho Business Analytics Server=9.4.0.0
CVE-2022-43772
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.0 and 9.3.0.1, including 8.3.x with the Big Data Plugin expose the username and password of clusters in clear text into system l...
Hitachi Vantara Pentaho Business Analytics Server<9.3.0.1
CVE-2022-43773
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x is installed with a sample HSQLDB data source configured with stored procedures enabled.
Hitachi Vantara Pentaho Business Analytics Server>=8.3.0.0<9.3.0.2
Hitachi Vantara Pentaho Business Analytics Server=9.4.0.0
CVE-2022-43769
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are inte...
Hitachi Vantara Pentaho Business Analytics Server>=8.3.0.0<9.3.0.2
Hitachi Vantara Pentaho Business Analytics Server=9.4.0.0
CVE-2020-36652
Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server...
Hitachi Automation Director>=8.2.0-00<=10.6.1-00
Hitachi Infrastructure Analytics Advisor>=2.0.0-00<=4.0.0-00
Hitachi Ops Center Analyzer<10.9.1-00
Hitachi Ops Center Automator<10.9.1-00
Hitachi Ops Center Viewpoint<10.9.1-00
Linux Linux kernel
CVE-2022-4895
Improper Certificate Validation vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component) allows M...
Hitachi Infrastructure Analytics Advisor>=2.0.0-00<10.9.1-00
Hitachi Ops Center Analyzer>=10.0.0-00<10.9.1-00
Linux Linux kernel
CVE-2022-3884
Incorrect Default Permissions vulnerability in Hitachi Ops Center Analyzer on Windows (Hitachi Ops Center Analyzer RAID Agent component) allows local users to read and write specific files.This issue ...
Hitachi Ops Center Analyzer>=10.9.0-00<10.9.1-00
Microsoft Windows
CVE-2022-4041
Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects Hitachi Storage Plug-in f...
Hitachi Storage Plug-in=04.8.0
Hitachi Storage Plug-in=04.9.0
CVE-2022-4441
Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects Hitachi Storage Plug-in f...
Hitachi Storage Plug-in=04.8.0
Hitachi Storage Plug-in=04.9.0
CVE-2020-36611
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi ...
Hitachi Tuning Manager<8.8.5-00
Linux Linux kernel
CVE-2021-4266
A vulnerability classified as problematic has been found in Webdetails cpf up to 9.5.0.0-80. Affected is an unknown function of the file core/src/main/java/pt/webdetails/cpf/packager/DependenciesPacka...
Hitachi Community Plugin Framework<9.5.0.0-81
CVE-2022-34881
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1/Automatic Operation allows local users to gain sensitive information. This issue affects JP1/Automatic Operati...
Hitachi Jp1\/automatic Operation>=10-00<=10-00-02
Hitachi Jp1\/automatic Operation>=10-10<=10-10-01
Hitachi Jp1\/automatic Operation>=10-12<=10-12-05
Hitachi Jp1\/automatic Operation>=10-13<=10-13-04
Hitachi Jp1\/automatic Operation>=10-52<=10-52-05
Hitachi Jp1\/automatic Operation>=10-53<=10-53-03
and 24 more
CVE-2021-45448
Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 using the Pentaho Analyzer plugin exposes a service endpoint for templates which allows a user-supplied path to access resources ...
Hitachi Vantara Pentaho>=8.3.0.0<8.3.0.25
Hitachi Vantara Pentaho>=9.2.0.0<9.2.0.2
CVE-2021-45447
Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.2 and 8.3.0.25 with the Data Lineage feature enabled transmits database passwords in clear text. The transmission of se...
Hitachi Vantara Pentaho>=8.3.0.0<8.3.0.25
Hitachi Vantara Pentaho>=9.2.0.0<9.2.0.2
CVE-2021-45446
A vulnerability in Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 does not cascade the hidden property to the children of the Home folder. This directory listin...
Hitachi Vantara Pentaho>=8.3.0.0<8.3.0.25
Hitachi Vantara Pentaho>=9.2.0.0<9.2.0.2
CVE-2020-36605
Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi O...
Hitachi Infrastructure Analytics Advisor>=2.0.0-00<=4.4.0-00
Linux Linux kernel
Microsoft Windows
Hitachi Ops Center Analyzer>=10.0.0-00<10.9.0-00
Hitachi Ops Center Viewpoint>=10.8.0-00<10.9.0-00
CVE-2022-41552
Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Data Center Analytics, Analytics probe components), Hitachi Ops Center Analyzer on Linux (Hitachi...
Hitachi Infrastructure Analytics Advisor>=2.0.0-00<=4.4.0-00
Linux Linux kernel
Microsoft Windows
Hitachi Ops Center Analyzer>=10.0.0-00<10.9.0-00
Hitachi Ops Center Viewpoint>=10.8.0-00<10.9.0-00
CVE-2022-41553
Insertion of Sensitive Information into Temporary File vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Hitachi Ops...
Hitachi Infrastructure Analytics Advisor>=2.0.0-00<=4.4.0-00
Linux Linux kernel
Hitachi Ops Center Analyzer>=10.0.0-00<10.9.0-00
CVE-2022-3191
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Analyzer on Linux (Virtual Strage Software Agent component) allows local users to gain sensitive information. This ...
Hitachi Ops Center Analyzer>=10.8.1-00<10.9.0-00
Linux Linux kernel
CVE-2022-2637
Incorrect Privilege Assignment vulnerability in Hitachi Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation.This issue affects Hitachi Storage Pl...
Hitachi Storage Plug-in=04.8.0
CVE-2022-34883
OS Command Injection vulnerability in Hitachi RAID Manager Storage Replication Adapter allows remote authenticated users to execute arbitrary OS commands. This issue affects: Hitachi RAID Manager Stor...
Hitachi RAID Manager Storage Replication Adapter>=02.01.04<02.03.02
Hitachi RAID Manager Storage Replication Adapter=02.05.00
Microsoft Windows
Docker Docker
CVE-2022-34882
Information Exposure Through an Error Message vulnerability in Hitachi RAID Manager Storage Replication Adapter allows remote authenticated users to gain sensitive information. This issue affects: Hit...
Hitachi RAID Manager Storage Replication Adapter>=02.01.04<02.03.02
Hitachi RAID Manager Storage Replication Adapter=02.05.00
Microsoft Windows
Docker Docker

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203