8 matches found
EUVD-2021-8154
Malicious code in bioql PyPI...
CVE-2021-20740
Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08NEC2.5.4a and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08NEC3.4.2 allow remote authenticated attackers to execute arbitrary...
CVE-2021-20740
Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08NEC2.5.4a and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08NEC3.4.2 allow remote authenticated attackers to execute arbitrary...
CVE-2021-20740
Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08NEC2.5.4a and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08NEC3.4.2 allow remote authenticated attackers to execute arbitrary...
Design/Logic Flaw
Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08NEC2.5.4a and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08NEC3.4.2 allow remote authenticated attackers to execute arbitrary...
CVE-2021-20740
Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08NEC2.5.4a and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08NEC3.4.2 allow remote authenticated attackers to execute arbitrary...
Hitachi Virtual File Platform vulnerable to OS command injection
Overview Hitachi Virtual File Platform provided by Hitachi contains an OS command injection vulnerability CWE-78 due to a flaw in processing parameters of the HTTP requests. Hiroki MATSUKUMA of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...
JVN#21298724: Hitachi Virtual File Platform vulnerable to OS command injection
Hitachi Virtual File Platform provided by Hitachi contains an OS command injection vulnerability CWE-78 due to a flaw in processing parameters of the HTTP requests. Impact A remote attacker who can log in to the product may execute an arbitrary OS command with root privilege. Solution Update the...