CVE-2018-21026
https://notcve.org/view.php?id=CVE-2018-21026
A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.6.5-00 allows an unauthenticated remote user to read internal information. Una vulnerabilidad en Hitachi Command Suite versiones 7.x y versiones 8.x anteriores a 8.6.5-00, permite a un usuario remoto no autenticado leer información interna. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/index.html https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2019-124 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2019-17360
https://notcve.org/view.php?id=CVE-2019-17360
A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 allows an unauthenticated remote user to trigger a denial of service (DoS) condition because of Uncontrolled Resource Consumption. Una vulnerabilidad en Hitachi Command Suite versiones 7.x y versiones 8.x anteriores a 8.7.0-00, permite a un usuario remoto no autenticado activar una condición de denegación de servicio (DoS) debido al Consumo de Recursos No Controlado. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/index.html https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2019-125 • CWE-400: Uncontrolled Resource Consumption •
CVE-2018-14735
https://notcve.org/view.php?id=CVE-2018-14735
An Information Exposure issue was discovered in Hitachi Command Suite 8.5.3. A remote attacker may be able to exploit a flaw in the permission of messaging that may allow for information exposure via a crafted message. Se ha descubierto un problema de exposición de información en Hitachi Command Suite 8.5.3. Un atacante remoto podría ser capaz de explotar un error en el permiso de mensajería que podría permitir la exposición de información mediante un mensaje manipulado. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2018-123 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-1565
https://notcve.org/view.php?id=CVE-2015-1565
Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manager before 7.6.1-08 and 8.x before 8.1.2-00, as used in Hitachi Command Suite, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la ayuda online en Hitachi Device Manager, Tiered Storage Manager, Replication Manager, y Global Link Manager anterior a 8.1.2-00, y Compute Systems Manager anterior a 7.6.1-08 y 8.x anterior a 8.1.2-00, utilizado en Hitachi Command Suite, permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de vectores no especificados. • http://secunia.com/advisories/62579 http://secunia.com/advisories/62584 http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-001/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-3623
https://notcve.org/view.php?id=CVE-2007-3623
Cross-site scripting (XSS) vulnerability in the Hitachi JP1/HiCommand Device Manager, Tiered Storage Manager, Replication Monitor, and GlobalLink Availability Manager before 20070528 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en Hitachi JP1/HiCommand Device Manager, Tiered Storage Manager, Replication Monitor, y GlobalLink Availability Manager anterior a 20070528 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de cabeceras HTTP esperadas. • http://osvdb.org/37848 http://osvdb.org/37849 http://secunia.com/advisories/25973 http://www.hitachi-support.com/security_e/vuls_e/HS07-017_e/index-e.html http://www.securityfocus.com/bid/24797 http://www.vupen.com/english/advisories/2007/2457 https://exchange.xforce.ibmcloud.com/vulnerabilities/35286 •