CVE-2022-2155 A vulnerability exists in the Lumada APM’s User Asset Group feature due to a flaw in access control mechanism implementation on the “Limited Engineer” role.

A vulnerability exists in the affected versions of Lumada APM’s User Asset Group feature due to a flaw in access control mechanism implementation on the “Limited Engineer” role, granting it access to the embedded Power BI reports feature. An attacker that manages to exploit the vulnerability on a...

PT-2023-12668 · Hitachi · Lumada Apm

Name of the Vulnerable Software and Affected Versions: Lumada APM on-premises versions 6.0.0.0 through 6.4.0. Description: A vulnerability exists in Lumada APM's User Asset Group feature due to a flaw in access control mechanism implementation on the "Limited Engineer" role, granting it access to...

CVE-2021-35531

Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects:...

Hitachi Energy TXpert Hub CoreTec 4 操作系统命令注入漏洞

The Hitachi Energy TXpert Hub CoreTec 4 is a digital transformer monitoring and diagnostic device from Hitachi, Ltd Hitachi, Japan. The Hitachi Energy TXpert Hub CoreTec 4 suffers from an operating system command injection vulnerability that originates from incorrect input validation in a...