CVSS: 7.8EPSS: 0%CPEs: 106EXPL: 0CVE-2021-29645
https://notcve.org/view.php?id=CVE-2021-29645
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 calls the SendMessageTimeoutW API with arbitrary arguments via a local pipe, leading to a local privilege escalation vulnerability. An attacker who exploits this issue could execute arbitrary code on the local system. Hitachi JP1/IT Desktop Management 2 Agent versiones 9 hasta 12, llaman a la API SendMessageTimeoutW con argumentos arbitrarios por medio de una tubería local, conllevando a una vulnerabilidad de escalada de privilegios local. Un atacante que explote este problema podría ejecutar código arbitrario en el sistema local • https://www.hitachi.com/hirt/security/index.html •
CVSS: 10.0EPSS: 0%CPEs: 106EXPL: 0CVE-2021-29644
https://notcve.org/view.php?id=CVE-2021-29644
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution vulnerability because of an Integer Overflow. An attacker with network access to port 31016 may exploit this issue to execute code with unrestricted privileges on the underlying OS. Hitachi JP1/IT Desktop Management 2 Agent versiones 9 hasta 12, contienen una vulnerabilidad de ejecución de código remota debido a un desbordamiento de enteros. Un atacante con acceso de red al puerto 31016 podría explotar este problema para ejecutar código con privilegios no restringidos en el sistema operativo subyacente • https://www.hitachi.com/hirt/security/index.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.0EPSS: 0%CPEs: 20EXPL: 0CVE-2013-4697
https://notcve.org/view.php?id=CVE-2013-4697
Multiple unspecified vulnerabilities in Hitachi JP1/IT Desktop Management - Manager 09-50 through 09-50-03, 09-51 through 09-51-05, 10-00 through 10-00-02, and 10-01 through 10-01-02; Hitachi Job Management Partner 1/IT Desktop Management - Manager 09-50 through 09-50-03 and 10-01; and Hitachi IT Operations Director 02-50 through 02-50-07, 03-00 through 03-00-12, and 04-00 through 04-00-01 allow remote authenticated users to gain privileges via unknown vectors. Múltiples vulnerabilidades en Hitachi JP1/IT Desktop Management - Manager 09-50 a la 09-50-03, 09-51 a la 09-51-05, 10-00 a la 10-00-02, y 10-01 a la 10-01-02; Hitachi Job Management Partner 1/IT Desktop Management - Manager 09-50 a la 09-50-03 y 10-01; e Hitachi IT Operations Director 02-50 a la 02-50-07, 03-00 a la 03-00-12, y 04-00 a la 04-00-01, permite a usuarios autenticados remotamente elevar sus privilegios a través de vectores desconocidos. • http://jvn.jp/en/jp/JVN00065218/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2013-000076 http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-017/index.html •
CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2012-4276
https://notcve.org/view.php?id=CVE-2012-4276
Unspecified vulnerability in Hitachi IT Operations Director 02-50-01 through 02-50-07, 03-00 before 03-00-08 allows attackers to cause a denial of service via unknown attack vectors. Una vulnerabilidad no especificada en Hitachi IT Operations Director v02-50-01 a v02-50-07, y v03-00 a v03-00-08, permite a atacantes provocar una denegación de servicio a través de vectores de ataque desconocidos. • http://secunia.com/advisories/49144 http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-014/index.html •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2012-4275
https://notcve.org/view.php?id=CVE-2012-4275
Cross-site scripting (XSS) vulnerability in Hitachi IT Operations Director 02-50-01 through 02-50-07, 03-00 before 03-00-08 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en Hitachi IT Operations Director v02-50-01 a v02-50-07, v03-00 antes de v03-00-08, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://secunia.com/advisories/49144 http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-014/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •