Lucene search

[email protected]CVE-2023-30469

HistoryMay 23, 2023 - 2:15 a.m.

CVE-2023-30469

2023-05-2302:15:10

CWE-79

[email protected]

web.nvd.nist.gov

cve-2023-30469

cross-site scripting

hitachi ops center analyzer

reflected xss

security vulnerability

nvd

cve

7.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

0.0005 Low

EPSS

Percentile

18.4%

JSON

Cross-site Scripting vulnerability in Hitachi Ops Center Analyzer (Hitachi Ops Center Analyzer detail view component) allows Reflected XSS.This issue affects Hitachi Ops Center Analyzer: from 10.9.1-00 before 10.9.2-00.

Affected configurations

NVD

Node

hitachiops_center_analyzerMatch10.9.1-00

AND

linuxlinux_kernelMatch-x64

CPENameOperatorVersion
hitachi:ops_center_analyzerhitachi ops center analyzereq10.9.1-00

CPE	Name	Operator	Version
hitachi:ops_center_analyzer	hitachi ops center analyzer	eq	10.9.1-00

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Hitachi Ops Center Analyzer detail view"
    ],
    "platforms": [
      "Linux",
      "64 bit"
    ],
    "product": "Hitachi Ops Center Analyzer",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "10.9.2-00",
            "status": "unaffected"
          }
        ],
        "lessThan": "10.9.2-00",
        "status": "affected",
        "version": "10.9.1-00",
        "versionType": "custom"
      }
    ]
  }
]

References

www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-115/index.html