CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39984 – Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability in Hitachi EH-VIEW (KeypadDesigner)
https://notcve.org/view.php?id=CVE-2023-39984
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hitachi EH-VIEW (KeypadDesigner) allows local attackers to potentially disclose information and execute arbitray code on affected EH-VIEW installations. User interaction is required to exploit the vulnerabilities in that the user must open a malicious file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. • https://www.hitachi.com/hirt/hitachi-sec/2023/002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-3495 – Out-of-bounds Write Vulnerability in Hitachi EH-VIEW (KeypadDesigner)
https://notcve.org/view.php?id=CVE-2023-3495
Out-of-bounds Write vulnerability in Hitachi EH-VIEW (KeypadDesigner) allows local attackers to potentially execute arbitray code on affected EH-VIEW installations. User interaction is required to exploit the vulnerabilities in that the user must open a malicious file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. • https://www.hitachi.com/hirt/hitachi-sec/2023/002.html • CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-34143 – Improper Validation of Certificate Vulnerability in Hitachi Device Manager
https://notcve.org/view.php?id=CVE-2023-34143
Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before 8.8.5-02. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html • CWE-295: Improper Certificate Validation CWE-297: Improper Validation of Certificate with Host Mismatch •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-34142 – Cleartext Transmission Vulnerability in Hitachi Device Manager
https://notcve.org/view.php?id=CVE-2023-34142
Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Interception.This issue affects Hitachi Device Manager: before 8.8.5-02. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-4146 – EL Injection Vulnerability in Hitachi Replication Manager
https://notcve.org/view.php?id=CVE-2022-4146
Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux, Solaris allows Code Injection.This issue affects Hitachi Replication Manager: before 8.8.5-02. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-123/index.html • CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •