
CVE-2020-36652 – File and Directory Permissions Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center
https://notcve.org/view.php?id=CVE-2020-36652
28 Feb 2023 — Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer, Analyzer probe server components), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files. This issue affects Hitachi Automa... • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-106/index.html • CWE-276: Incorrect Default Permissions •

CVE-2022-4895 – Man-in-the-middle attack Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer
https://notcve.org/view.php?id=CVE-2022-4895
28 Feb 2023 — Improper Certificate Validation vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component) allows Man in the Middle Attack.This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.1-00. • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-105/index.html • CWE-295: Improper Certificate Validation •

CVE-2022-41553 – Information Exposure Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer
https://notcve.org/view.php?id=CVE-2022-41553
01 Nov 2022 — Insertion of Sensitive Information into Temporary File vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer probe component) allows local users to gain sensitive information. This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.0-00. Vulnerabilidad de inserción de información confidencial en un archivo tem... • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2022-134/index.html • CWE-532: Insertion of Sensitive Information into Log File •

CVE-2022-41552 – Server-Side Request Forgery Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer
https://notcve.org/view.php?id=CVE-2022-41552
01 Nov 2022 — Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Data Center Analytics, Analytics probe components), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe components) allows Server Side Request Forgery. This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.0-00. La vulnerabilidad de Server-Side Reqiest ... • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2022-134/index.html • CWE-918: Server-Side Request Forgery (SSRF) •

CVE-2020-36605 – File Permissions Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer, Hitachi Ops Center Viewpoint
https://notcve.org/view.php?id=CVE-2020-36605
01 Nov 2022 — Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files. This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.0-00; Hitachi Ops Center Viewpoint: from 10.8.0-... • https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2022-134/index.html • CWE-276: Incorrect Default Permissions •

CVE-2018-21033
https://notcve.org/view.php?id=CVE-2018-21033
14 Feb 2020 — A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00 and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets (CSS) token sequence. Hitachi Command Suite includes Hitachi Device Manager, Hitachi Tiered Storage Manager, Hitachi Replication Manager, Hitachi Tuning Manager, Hitachi Global Link Manager and Hitachi Compute Systems Manager. Una vulnerabilidad en Hitachi Command S... • http://www.hitachi.co.jp/Prod/comp/soft1/global/security • CWE-20: Improper Input Validation •

CVE-2019-17360
https://notcve.org/view.php?id=CVE-2019-17360
12 Nov 2019 — A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 allows an unauthenticated remote user to trigger a denial of service (DoS) condition because of Uncontrolled Resource Consumption. Una vulnerabilidad en Hitachi Command Suite versiones 7.x y versiones 8.x anteriores a 8.7.0-00, permite a un usuario remoto no autenticado activar una condición de denegación de servicio (DoS) debido al Consumo de Recursos No Controlado. • http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/index.html • CWE-400: Uncontrolled Resource Consumption •