Lucene search

HitachiCVELIST:CVE-2024-2493

HistoryApr 23, 2024 - 5:35 a.m.

CVE-2024-2493 Session Hijacking Vulnerability in Hitachi Ops Center Analyzer

2024-04-2305:35:57

CWE-614

Hitachi

www.cve.org

hitachi

ops center

analyzer

session hijacking

vulnerability

cve-2024-2493

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

9.0%

JSON

Session Hijacking vulnerability in Hitachi Ops Center Analyzer.This issue affects Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.1-00.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Hitachi Ops Center Analyzer",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "11.0.1-00",
            "status": "unaffected"
          }
        ],
        "lessThan": "11.0.1-00",
        "status": "affected",
        "version": "10.0.0-00",
        "versionType": "custom"
      }
    ]
  }
]

References

www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-122/index.html

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2024-2493