CVE-2017-9294
https://notcve.org/view.php?id=CVE-2017-9294
RMI vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to execute internal commands without authentication via RMI ports. Una vulnerabilidad RMI en Hitachi Device Manager anterior a 8.5.2-01 permite a atacantes remotos ejecutar comandos internos sin autenticación a través de puertos RMI. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-114 http://www.securityfocus.com/bid/98765 •
CVE-2017-9297
https://notcve.org/view.php?id=CVE-2017-9297
Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to redirect users to arbitrary web sites. Una vulnerabilidad Open Redirect en Hitachi Device Manager anterior a 8.5.2-01 permitiría a un atacante remoto, redirigir a los usuarios a sitios web arbitrarios. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-114 http://www.securityfocus.com/bid/98775 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2017-9298
https://notcve.org/view.php?id=CVE-2017-9298
Cross-site scripting vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to execute arbitrary JavaScript code. Una vulnerabilidad de secuencias de comandos entre sitios (XSS) en Hitachi Device Manager anterior a 8.5.2-01 y en Hitachi Replication Manager anterior a 8.5.2-00 permitiría a usuarios remotos autenticados ejecutar código JavaScript arbitrario. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-114 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2015-1565
https://notcve.org/view.php?id=CVE-2015-1565
Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manager before 7.6.1-08 and 8.x before 8.1.2-00, as used in Hitachi Command Suite, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la ayuda online en Hitachi Device Manager, Tiered Storage Manager, Replication Manager, y Global Link Manager anterior a 8.1.2-00, y Compute Systems Manager anterior a 7.6.1-08 y 8.x anterior a 8.1.2-00, utilizado en Hitachi Command Suite, permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de vectores no especificados. • http://secunia.com/advisories/62579 http://secunia.com/advisories/62584 http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-001/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •