CVSS: 4.3EPSS: 0%CPEs: 21EXPL: 0CVE-2007-3623
https://notcve.org/view.php?id=CVE-2007-3623
Cross-site scripting (XSS) vulnerability in the Hitachi JP1/HiCommand Device Manager, Tiered Storage Manager, Replication Monitor, and GlobalLink Availability Manager before 20070528 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en Hitachi JP1/HiCommand Device Manager, Tiered Storage Manager, Replication Monitor, y GlobalLink Availability Manager anterior a 20070528 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de cabeceras HTTP esperadas. • http://osvdb.org/37848 http://osvdb.org/37849 http://secunia.com/advisories/25973 http://www.hitachi-support.com/security_e/vuls_e/HS07-017_e/index-e.html http://www.securityfocus.com/bid/24797 http://www.vupen.com/english/advisories/2007/2457 https://exchange.xforce.ibmcloud.com/vulnerabilities/35286 •
CVSS: 5.0EPSS: 0%CPEs: 44EXPL: 0CVE-2007-1853
https://notcve.org/view.php?id=CVE-2007-1853
Unspecified vulnerability in Hitachi JP1/HiCommand DeviceManager, Global Link Availability Manager, Replication Monitor, Tiered Storage Manager, and Tuning Manager allows local users to obtain authentication information via unspecified vectors. Vulnerabilidad sin especificar en el Hitachi JP1/HiCommand DeviceManager, Global Link Availability Manager, Replication Monitor, Tiered Storage Manager y Tuning Manager permite a usuarios locales obtener la información de la autenticación mediante vectores sin especificar. • http://osvdb.org/34590 http://secunia.com/advisories/24684 http://www.hitachi-support.com/security_e/vuls_e/HS07-007_e/index-e.html http://www.securityfocus.com/bid/23210 http://www.vupen.com/english/advisories/2007/1169 https://exchange.xforce.ibmcloud.com/vulnerabilities/33328 •