CVE-2021-31989
https://notcve.org/view.php?id=CVE-2021-31989
A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The memory dump may potentially contain credentials of connected Axis devices. Un usuario con permiso para iniciar sesión en la máquina que aloja el cliente AXIS Device Manager podría en determinadas condiciones, extraer un volcado de memoria de la aplicación integrada Windows Task Manager. El volcado de memoria puede contener potencialmente unas credenciales de los dispositivos Axis conectados. • https://www.axis.com/files/tech_notes/CVE-2021-31989.pdf • CWE-312: Cleartext Storage of Sensitive Information CWE-316: Cleartext Storage of Sensitive Information in Memory •
CVE-2018-21033
https://notcve.org/view.php?id=CVE-2018-21033
A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00 and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets (CSS) token sequence. Hitachi Command Suite includes Hitachi Device Manager, Hitachi Tiered Storage Manager, Hitachi Replication Manager, Hitachi Tuning Manager, Hitachi Global Link Manager and Hitachi Compute Systems Manager. Una vulnerabilidad en Hitachi Command Suite versiones anteriores a 8.6.2-00, Hitachi Automation Director versiones anteriores a 8.6.2-00 y Hitachi Infrastructure Analytics Advisor versiones anteriores a 4.2.0-00, permiten a usuarios autenticados remotos cargar secuencia de tokens de tipo Cascading Style Sheets (CSS) arbitrarias. Hitachi Command Suite incluye Hitachi Device Manager, Hitachi Tiered Storage Manager, Hitachi Replication Manager, Hitachi Tuning Manager, Hitachi Global Link Manager y Hitachi Compute Systems Manager. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2019-128 • CWE-20: Improper Input Validation •
CVE-2017-9296
https://notcve.org/view.php?id=CVE-2017-9296
Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Tuning Manager before 8.5.2-00 allows remote attackers to redirect authenticated users to arbitrary web sites. Una vulnerabilidad Open Redirect en Hitachi Device Manager anterior a 8.5.2-01 y en Hitachi Tuning Manager anterior a 8.5.2-00, permite a atacantes remotos redireccionar usuarios autenticados a sitios web arbitrarios. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-114 http://www.securityfocus.com/bid/98774 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2017-9295
https://notcve.org/view.php?id=CVE-2017-9295
XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to read arbitrary files. Un vulnerabilidad XXE en Hitachi Device Manager anterior a 8.5.2-01 y en Hitachi Replication Manager anterior a 8.5.2-00 permite a los usuarios remotos autenticados leer archivos arbitrarios. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-114 http://www.securityfocus.com/bid/98761 • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2017-9294
https://notcve.org/view.php?id=CVE-2017-9294
RMI vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to execute internal commands without authentication via RMI ports. Una vulnerabilidad RMI en Hitachi Device Manager anterior a 8.5.2-01 permite a atacantes remotos ejecutar comandos internos sin autenticación a través de puertos RMI. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-114 http://www.securityfocus.com/bid/98765 •