CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1531 – Authentication credentials leakage vulnerability in Hitachi Ops Center Analyzer viewpoint OVF
https://notcve.org/view.php?id=CVE-2025-1531
16 May 2025 — Authentication credentials leakage vulnerability in Hitachi Ops Center Analyzer viewpoint.This issue affects Hitachi Ops Center Analyzer viewpoint: from 10.0.0-00 before 11.0.4-00. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-116/index.html • CWE-1392: Use of Default Credentials •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1245 – Bypass Connection Restriction Vulnerability in Hitachi Ops Center Analyzer
https://notcve.org/view.php?id=CVE-2025-1245
16 May 2025 — Bypass Connection Restriction vulnerability in Hitachi Infrastructure Analytics Advisor (Data Center Analytics component), Hitachi Ops Center Analyzer (Hitachi Ops Center Analyzer detail view component).This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.4-00. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-116/index.html • CWE-348: Use of Less Trusted Source •
CVSS: 3.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27525 – Information Exposure vulnerability in JP1/IT Desktop Management 2 - Smart Device Manager
https://notcve.org/view.php?id=CVE-2025-27525
15 May 2025 — Information Exposure vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This issue affects JP1/IT Desktop Management 2 - Smart Device Manager: from 12-00 before 12-00-08, from 11-10 through 11-10-08, from 11-00 through 11-00-05, from 10-50 through 10-50-06. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-115/index.html • CWE-525: Use of Web Browser Cache Containing Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27524 – Weak encryption vulnerability in JP1/IT Desktop Management 2 - Smart Device Manager
https://notcve.org/view.php?id=CVE-2025-27524
15 May 2025 — Weak encryption vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This issue affects JP1/IT Desktop Management 2 - Smart Device Manager: from 12-00 before 12-00-08, from 11-10 through 11-10-08, from 11-00 through 11-00-05, from 10-50 through 10-50-06. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-115/index.html • CWE-326: Inadequate Encryption Strength •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27523 – XXE vulnerability in JP1/IT Desktop Management 2 - Smart Device Manager
https://notcve.org/view.php?id=CVE-2025-27523
15 May 2025 — XXE vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This issue affects JP1/IT Desktop Management 2 - Smart Device Manager: from 12-00 before 12-00-08, from 11-10 through 11-10-08, from 11-00 through 11-00-05, from 10-50 through 10-50-06. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-115/index.html • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46899 – Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center Analyzer viewpoint OVF
https://notcve.org/view.php?id=CVE-2024-46899
22 Apr 2025 — Hitachi Ops Center Common Services within Hitachi Ops Center Analyzer viewpoint OVF contains an authentication credentials leakage vulnerability.This issue affects Hitachi Ops Center Common Services: from 10.0.0-00 before 11.0.0-04; Hitachi Ops Center Analyzer viewpoint OVF: from 10.0.0-00 before 11.0.0-04. Hitachi Ops Center Common Services within Hitachi Ops Center Analyzer viewpoint OVF, contienen una vulnerabilidad de fuga de credenciales de autenticación. Este problema afecta a los servicios comunes de... • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-111/index.html • CWE-1392: Use of Default Credentials •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2300 – Information exposure vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA
https://notcve.org/view.php?id=CVE-2025-2300
22 Apr 2025 — Hitachi Ops Center Common Services within Hitachi Ops Center OVA contains an information exposure vulnerability. This issue affects Hitachi Ops Center Common Services: from 11.0.3-00 before 11.0.4-00. Hitachi Ops Center Common Services within Hitachi Ops Center OVA, contienen una vulnerabilidad de exposición de información. Este problema afecta a los Servicios Comunes de Hitachi Ops Center desde la versión 11.0.3-00 hasta la 11.0.4-00. Hitachi Ops Center Common Services within Hitachi Ops Center OVA contain... • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-112/index.html • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24907 – Hitachi Vantara Pentaho Data Integration & Analytics – Path Traversal
https://notcve.org/view.php?id=CVE-2025-24907
16 Apr 2025 — Overview The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory. (CWE-35) Description Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.2, including 9.3.x and 8.3.x, do not sanitize a user input used as a file path through the CGG Draw API. Impact This allows attackers to traverse the fil... • https://support.pentaho.com/hc/en-us/articles/35781624069005--Resolved-Hitachi-Vantara-Pentaho-Data-Integration-Analytics-Path-Traversal-Versions-before-10-2-0-2-including-9-3-x-Impacted-CVE-2025-24907 • CWE-35: Path Traversal: '.../ •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24911 – Hitachi Vantara Pentaho Business Analytics Server - Improper Restriction of XML External Entity Reference
https://notcve.org/view.php?id=CVE-2025-24911
16 Apr 2025 — Overview XML documents optionally contain a Document Type Definition (DTD), which, among other features, enables the definition of XML entities. It is possible to define an entity by providing a substitution string in the form of a URI. Once the content of the URI is read, it is fed back into the application that is processing the XML. This application may echo back the data (e.g. in an error message), thereby exposing the file contents. (CWE-611) Description Hitachi Vantara Pentaho Business Analytics Serve... • https://support.pentaho.com/hc/en-us/articles/35783689016589--Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Improper-Restriction-of-XML-External-Entity-Reference-Versions-before-10-2-0-2-including-9-3-x-Impacted-CVE-2025-24911 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24910 – Hitachi Vantara Pentaho Business Analytics Server - Improper Restriction of XML External Entity Reference
https://notcve.org/view.php?id=CVE-2025-24910
16 Apr 2025 — Overview XML documents optionally contain a Document Type Definition (DTD), which, among other features, enables the definition of XML entities. It is possible to define an entity by providing a substitution string in the form of a URI. Once the content of the URI is read, it is fed back into the application that is processing the XML. This application may echo back the data (e.g. in an error message), thereby exposing the file contents. (CWE-611) Description Hitachi Vantara Pentaho Business Analytics Serve... • https://support.pentaho.com/hc/en-us/articles/35782683750541--Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Improper-Restriction-of-XML-External-Entity-Reference-Versions-before-10-2-0-2-including-9-3-x-Impacted-CVE-2025-24910 • CWE-611: Improper Restriction of XML External Entity Reference •