CVE-2023-6457 – File and Directory Permission Vulnerability in Hitachi Tuning Manager
https://notcve.org/view.php?id=CVE-2023-6457
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning Manager server component) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-04. La vulnerabilidad de permisos predeterminados incorrectos en Hitachi Tuning Manager en Windows (componente del servidor Hitachi Tuning Manager) permite a los usuarios locales leer y escribir archivos específicos. Este problema afecta a Hitachi Tuning Manager: versiones anteriores a 8.8.5-04. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-104/index.html • CWE-276: Incorrect Default Permissions •
CVE-2020-36695 – File and Directory Permission Vulnerability in Hitachi Command Suite
https://notcve.org/view.php?id=CVE-2020-36695
Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS components), Hitachi Compute Systems Manager on Linux allows File Manipulation.This issue affects Hitachi Device Manager: before 8.8.5-02; Hitachi Tiered Storage Manager: before 8.8.5-02; Hitachi Replication Manager: before 8.8.5-02; Hitachi Tuning Manager: before 8.8.5-02; Hitachi Compute Systems Manager: before 8.8.3-08. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-124/index.html • CWE-276: Incorrect Default Permissions •
CVE-2020-36611 – File and Directory Permission Vulnerability in Hitachi Tuning Manager
https://notcve.org/view.php?id=CVE-2020-36611
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-00. Vulnerabilidad de permisos predeterminados incorrectos en Hitachi Tuning Manager en Linux (servidor Hitachi Tuning Manager, Hitachi Tuning Manager - Agente para RAID, Hitachi Tuning Manager - Agente para NAS, Hitachi Tuning Manager - Agente para componentes de conmutador SAN) permite a los usuarios locales leer y escribir específicos archivos. Este problema afecta a Hitachi Tuning Manager: anteriores a 8.8.5-00. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-101/index.html • CWE-276: Incorrect Default Permissions •
CVE-2018-21033
https://notcve.org/view.php?id=CVE-2018-21033
A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00 and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets (CSS) token sequence. Hitachi Command Suite includes Hitachi Device Manager, Hitachi Tiered Storage Manager, Hitachi Replication Manager, Hitachi Tuning Manager, Hitachi Global Link Manager and Hitachi Compute Systems Manager. Una vulnerabilidad en Hitachi Command Suite versiones anteriores a 8.6.2-00, Hitachi Automation Director versiones anteriores a 8.6.2-00 y Hitachi Infrastructure Analytics Advisor versiones anteriores a 4.2.0-00, permiten a usuarios autenticados remotos cargar secuencia de tokens de tipo Cascading Style Sheets (CSS) arbitrarias. Hitachi Command Suite incluye Hitachi Device Manager, Hitachi Tiered Storage Manager, Hitachi Replication Manager, Hitachi Tuning Manager, Hitachi Global Link Manager y Hitachi Compute Systems Manager. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2019-128 • CWE-20: Improper Input Validation •
CVE-2014-4189
https://notcve.org/view.php?id=CVE-2014-4189
Cross-site scripting (XSS) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Hitachi Tuning Manager anterior a 7.6.1-06 y 8.x anterior a 8.0.0-04 y JP1/Performance Management - Manager Web Option 07-00 hasta 07-54 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://secunia.com/advisories/58528 http://secunia.com/advisories/58899 http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-013/index.html http://www.securityfocus.com/bid/68015 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •