CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-49107 – Generation of Error Message Containing Sensitive Information Vulnerability in Hitachi Device Manager
https://notcve.org/view.php?id=CVE-2023-49107
16 Jan 2024 — Generation of Error Message Containing Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent modules).This issue affects Hitachi Device Manager: before 8.8.5-04. Vulnerabilidad de generación de mensaje de error que contiene información confidencial en Hitachi Device Manager en Windows, Linux (módulos Device Manager Agent). Este problema afecta a Hitachi Device Manager: versiones anteriores a 8.8.5-04. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-101/index.html • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-49106 – Missing Password Field Masking Vulnerability in Hitachi Device Manager
https://notcve.org/view.php?id=CVE-2023-49106
16 Jan 2024 — Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before 8.8.5-04. Vulnerabilidad de enmascaramiento de campo de contraseña faltante en Hitachi Device Manager en Windows, Linux (componente Device Manager Agent). Este problema afecta a Hitachi Device Manager: versiones anteriores a 8.8.5-04. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-101/index.html • CWE-522: Insufficiently Protected Credentials CWE-549: Missing Password Field Masking •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-34143 – Improper Validation of Certificate Vulnerability in Hitachi Device Manager
https://notcve.org/view.php?id=CVE-2023-34143
18 Jul 2023 — Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before 8.8.5-02. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html • CWE-295: Improper Certificate Validation CWE-297: Improper Validation of Certificate with Host Mismatch •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-34142 – Cleartext Transmission Vulnerability in Hitachi Device Manager
https://notcve.org/view.php?id=CVE-2023-34142
18 Jul 2023 — Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Interception.This issue affects Hitachi Device Manager: before 8.8.5-02. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-36695 – File and Directory Permission Vulnerability in Hitachi Command Suite
https://notcve.org/view.php?id=CVE-2020-36695
18 Jul 2023 — Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS components), Hitachi Compute Systems Manager on Linux allows File Manipulation.This issue affects Hitachi Device Manager: before 8.8.5-02; Hitachi Tiered Storage Manager: befo... • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-124/index.html • CWE-276: Incorrect Default Permissions •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-31989
https://notcve.org/view.php?id=CVE-2021-31989
25 Aug 2021 — A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The memory dump may potentially contain credentials of connected Axis devices. Un usuario con permiso para iniciar sesión en la máquina que aloja el cliente AXIS Device Manager podría en determinadas condiciones, extraer un volcado de memoria de la aplicación integrada Windows Task Manager. El volcado de memoria puede ... • https://www.axis.com/files/tech_notes/CVE-2021-31989.pdf • CWE-312: Cleartext Storage of Sensitive Information CWE-316: Cleartext Storage of Sensitive Information in Memory •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 0CVE-2018-21033
https://notcve.org/view.php?id=CVE-2018-21033
14 Feb 2020 — A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00 and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets (CSS) token sequence. Hitachi Command Suite includes Hitachi Device Manager, Hitachi Tiered Storage Manager, Hitachi Replication Manager, Hitachi Tuning Manager, Hitachi Global Link Manager and Hitachi Compute Systems Manager. Una vulnerabilidad en Hitachi Command S... • http://www.hitachi.co.jp/Prod/comp/soft1/global/security • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9295
https://notcve.org/view.php?id=CVE-2017-9295
29 May 2017 — XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to read arbitrary files. Un vulnerabilidad XXE en Hitachi Device Manager anterior a 8.5.2-01 y en Hitachi Replication Manager anterior a 8.5.2-00 permite a los usuarios remotos autenticados leer archivos arbitrarios. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-114 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9296
https://notcve.org/view.php?id=CVE-2017-9296
29 May 2017 — Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Tuning Manager before 8.5.2-00 allows remote attackers to redirect authenticated users to arbitrary web sites. Una vulnerabilidad Open Redirect en Hitachi Device Manager anterior a 8.5.2-01 y en Hitachi Tuning Manager anterior a 8.5.2-00, permite a atacantes remotos redireccionar usuarios autenticados a sitios web arbitrarios. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-114 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9297
https://notcve.org/view.php?id=CVE-2017-9297
29 May 2017 — Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to redirect users to arbitrary web sites. Una vulnerabilidad Open Redirect en Hitachi Device Manager anterior a 8.5.2-01 permitiría a un atacante remoto, redirigir a los usuarios a sitios web arbitrarios. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-114 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •