7 matches found
CVE-2020-36695
CVE-2020-36695 is a File/Directory Permissions vulnerability in Hitachi Command Suite components on Linux caused by incorrect default permissions in the Device Manager Server component, Hitachi Tuning Manager server, and related agents, enabling file manipulation. Affected versions: Hitachi Devic...
CVE-2022-4146
CVE-2022-4146 is an Expression Language Injection vulnerability in Hitachi Replication Manager. The issue affects Hitachi Replication Manager on Windows, Linux, and Solaris and is triggered by injection into the product’s expression language handling, potentially allowing code injection. The affe...
CVE-2015-1565
CVE-2015-1565 describes a cross-site scripting (XSS) vulnerability in the online help of Hitachi Command Suite components, specifically Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager (pre-8.1.2-00) and Compute Systems Manager (pre-7.6.1-08 and 8.x bef...
CVE-2019-17360
CVE-2019-17360 affects Hitachi Command Suite 7.x and 8.x prior to 8.7.0-00. unauthenticated remote users can trigger a denial-of-service due to Uncontrolled Resource Consumption. Multiple sources (NVD, Red Hat entry, CVE records) confirm the affected product family and vulnerable condition; no ex...
CVE-2018-21033
The CVE-2018-21033 vulnerability affects Hitachi Command Suite (and related products) prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00, and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00. The issue allows authenticated remote users to load an arbitrary CSS token sequen...
CVE-2018-21026
CVE-2018-21026 affects Hitachi Command Suite 7.x and 8.x up to but not including 8.6.5-00. An unauthenticated remote user can read internal information. The vulnerability is documented across multiple sources (NVD, RH, JVN, CNVD) with the impact described as information disclosure. Mitigation per...
CVE-2018-14735
CVE-2018-14735 applies to Hitachi Command Suite 8.5.3. An Information Disclosure vulnerability exists due to a flaw in messaging permissions, allowing a remote attacker to obtain information via a specially crafted message. Connected documents corroborate the same vulnerability description across...