CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9295
https://notcve.org/view.php?id=CVE-2017-9295
29 May 2017 — XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to read arbitrary files. Un vulnerabilidad XXE en Hitachi Device Manager anterior a 8.5.2-01 y en Hitachi Replication Manager anterior a 8.5.2-00 permite a los usuarios remotos autenticados leer archivos arbitrarios. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-114 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9296
https://notcve.org/view.php?id=CVE-2017-9296
29 May 2017 — Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Tuning Manager before 8.5.2-00 allows remote attackers to redirect authenticated users to arbitrary web sites. Una vulnerabilidad Open Redirect en Hitachi Device Manager anterior a 8.5.2-01 y en Hitachi Tuning Manager anterior a 8.5.2-00, permite a atacantes remotos redireccionar usuarios autenticados a sitios web arbitrarios. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-114 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9297
https://notcve.org/view.php?id=CVE-2017-9297
29 May 2017 — Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to redirect users to arbitrary web sites. Una vulnerabilidad Open Redirect en Hitachi Device Manager anterior a 8.5.2-01 permitiría a un atacante remoto, redirigir a los usuarios a sitios web arbitrarios. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-114 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9298
https://notcve.org/view.php?id=CVE-2017-9298
29 May 2017 — Cross-site scripting vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to execute arbitrary JavaScript code. Una vulnerabilidad de secuencias de comandos entre sitios (XSS) en Hitachi Device Manager anterior a 8.5.2-01 y en Hitachi Replication Manager anterior a 8.5.2-00 permitiría a usuarios remotos autenticados ejecutar código JavaScript arbitrario. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-114 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 0CVE-2017-9294
https://notcve.org/view.php?id=CVE-2017-9294
29 May 2017 — RMI vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to execute internal commands without authentication via RMI ports. Una vulnerabilidad RMI en Hitachi Device Manager anterior a 8.5.2-01 permite a atacantes remotos ejecutar comandos internos sin autenticación a través de puertos RMI. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-114 •
CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 0CVE-2015-1565
https://notcve.org/view.php?id=CVE-2015-1565
09 Feb 2015 — Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manager before 7.6.1-08 and 8.x before 8.1.2-00, as used in Hitachi Command Suite, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la ayuda online en Hitachi Device Manager, Tiered Storage Manager, Replication Manager, y Global Link Manager anterior a 8.... • http://secunia.com/advisories/62579 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •