Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

hitachi compute systems manager vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2020-36695
Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager ...
Hitachi Compute Systems ManagerHitachi Device ManagerHitachi Replication ManagerHitachi Tiered Storage ManagerHitachi Tuning Manager
4
CVSSv2
CVE-2018-21033
A vulnerability in Hitachi Command Suite before 8.6.2-00, Hitachi Automation Director before 8.6.2-00 and Hitachi Infrastructure Analytics Advisor before 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets (CSS) token sequence. Hitachi Command Su...
Hitachi Device ManagerHitachi Compute Systems ManagerHitachi Automation DirectorHitachi Tiered Storage ManagerHitachi Replication ManagerHitachi Tuning ManagerHitachi Global Link ManagerHitachi Infrastructure Analytics Advisor
4.3
CVSSv2
CVE-2015-1565
Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager prior to 8.1.2-00, and Compute Systems Manager prior to 7.6.1-08 and 8.x prior to 8.1.2-00, as used in Hitachi Command Suite...
Hitachi Device ManagerHitachi Tiered Storage ManagerHitachi Replication ManagerHitachi Global Link ManagerHitachi Compute Systems ManagerHitachi Compute Systems Manager 8.1.1Hitachi Compute Systems Manager 8.1.0Hitachi Compute Systems Manager 8.0.0
4
CVSSv2
CVE-2018-21032
A vulnerability in Hitachi Command Suite before 8.7.1-00 and Hitachi Automation Director before 8.5.0-00 allow authenticated remote users to expose technical information through error messages. Hitachi Command Suite includes Hitachi Device Manager and Hitachi Compute Systems Mana...
Hitachi Device ManagerHitachi Compute Systems ManagerHitachi Automation Director
NA
CVE-2022-37434
zlib up to and including 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may...
Zlib ZlibFedoraproject Fedora 35Fedoraproject Fedora 36Fedoraproject Fedora 37Debian Debian Linux 10.0Netapp Oncommand Workflow Automation -Netapp Storagegrid -Netapp Ontap Select Deploy Administration Utility -Netapp Hci -Netapp Active Iq Unified Manager -Netapp Hci Compute Node -Netapp Management Services For Element Software -Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Apple MacosApple Iphone OsApple WatchosApple IpadosStormshield Stormshield Network Security
7.5
CVSSv2
CVE-2018-14720
FasterXML jackson-databind 2.x prior to 2.9.7 might allow malicious users to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.
Fasterxml Jackson-databind 2.7.0Fasterxml Jackson-databindFasterxml Jackson-databind 2.8.0Fasterxml Jackson-databind 2.9.0Debian Debian Linux 8.0Debian Debian Linux 9.0Oracle Primavera Unifier 16.2Oracle Banking Platform 2.5.0Oracle Primavera Unifier 16.1Oracle Jdeveloper 12.1.3.0.0Oracle Retail Merchandising System 16.0Oracle Webcenter Portal 12.2.1.3.0Oracle Primavera UnifierOracle Communications Billing And Revenue Management 7.5Oracle Communications Billing And Revenue Management 12.0Oracle Financial Services Analytical Applications Infrastructure 8.0.2Oracle Financial Services Analytical Applications Infrastructure 8.0.3Oracle Financial Services Analytical Applications Infrastructure 8.0.4Oracle Financial Services Analytical Applications Infrastructure 8.0.5Oracle Financial Services Analytical Applications Infrastructure 8.0.6Oracle Financial Services Analytical Applications Infrastructure 8.0.7Oracle Banking Platform 2.6.0
7.5
CVSSv2
CVE-2018-19360
FasterXML jackson-databind 2.x prior to 2.9.8 might allow malicious users to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.
Fasterxml Jackson-databindDebian Debian Linux 8.0Oracle Primavera Unifier 16.2Oracle Primavera P6 Enterprise Project Portfolio Management 16.2Oracle Primavera P6 Enterprise Project Portfolio Management 15.1Oracle Primavera Unifier 16.1Oracle Primavera P6 Enterprise Project Portfolio Management 16.1Oracle Primavera P6 Enterprise Project Portfolio Management 15.2Oracle Webcenter Portal 12.2.1.3.0Oracle Business Process Management Suite 12.1.3.0.0Oracle Business Process Management Suite 12.2.1.3.0Oracle Primavera P6 Enterprise Project Portfolio ManagementOracle Primavera P6 Enterprise Project Portfolio Management 18.8Oracle Primavera Unifier 18.8Oracle Retail Workforce Management Software 1.60.9.0.0Oracle Primavera UnifierRedhat Openshift Container Platform 3.11Redhat Jboss Bpm Suite 6.4.11Redhat Jboss Brms 6.4.10Redhat Automation Manager 7.3.1Redhat Decision Manager 7.3.1
7.5
CVSSv2
CVE-2018-19361
FasterXML jackson-databind 2.x prior to 2.9.8 might allow malicious users to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.
Fasterxml Jackson-databindDebian Debian Linux 8.0Debian Debian Linux 9.0Oracle Primavera Unifier 16.2Oracle Primavera P6 Enterprise Project Portfolio Management 16.2Oracle Primavera P6 Enterprise Project Portfolio Management 15.1Oracle Primavera Unifier 16.1Oracle Primavera P6 Enterprise Project Portfolio Management 16.1Oracle Primavera P6 Enterprise Project Portfolio Management 15.2Oracle Webcenter Portal 12.2.1.3.0Oracle Business Process Management Suite 12.1.3.0.0Oracle Business Process Management Suite 12.2.1.3.0Oracle Primavera P6 Enterprise Project Portfolio ManagementOracle Primavera P6 Enterprise Project Portfolio Management 18.8Oracle Primavera Unifier 18.8Oracle Retail Workforce Management Software 1.60.9.0.0Oracle Primavera UnifierRedhat Openshift Container Platform 3.11Redhat Jboss Bpm Suite 6.4.11Redhat Jboss Brms 6.4.10Redhat Automation Manager 7.3.1Redhat Decision Manager 7.3.1
7.5
CVSSv2
CVE-2018-19362
FasterXML jackson-databind 2.x prior to 2.9.8 might allow malicious users to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.
Fasterxml Jackson-databindDebian Debian Linux 8.0Oracle Primavera Unifier 16.2Oracle Primavera P6 Enterprise Project Portfolio Management 16.2Oracle Primavera P6 Enterprise Project Portfolio Management 15.1Oracle Primavera Unifier 16.1Oracle Primavera P6 Enterprise Project Portfolio Management 16.1Oracle Primavera P6 Enterprise Project Portfolio Management 15.2Oracle Webcenter Portal 12.2.1.3.0Oracle Business Process Management Suite 12.1.3.0.0Oracle Business Process Management Suite 12.2.1.3.0Oracle Primavera P6 Enterprise Project Portfolio ManagementOracle Primavera P6 Enterprise Project Portfolio Management 18.8Oracle Primavera Unifier 18.8Oracle Retail Workforce Management Software 1.60.9.0.0Oracle Primavera UnifierRedhat Openshift Container Platform 3.11Redhat Jboss Bpm Suite 6.4.11Redhat Jboss Brms 6.4.10Redhat Automation Manager 7.3.1Redhat Decision Manager 7.3.1
4.3
CVSSv2
CVE-2020-1971
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This functi...
Openssl OpensslDebian Debian Linux 9.0Debian Debian Linux 10.0Fedoraproject Fedora 32Fedoraproject Fedora 33Oracle Api Gateway 11.1.2.4.0Oracle Peoplesoft Enterprise Peopletools 8.56Oracle Business Intelligence 12.2.1.3.0Oracle Peoplesoft Enterprise Peopletools 8.57Oracle Jd Edwards World Security A9.4Oracle Business Intelligence 12.2.1.4.0Oracle Enterprise Manager Base Platform 13.3.0.0Oracle Business Intelligence 5.5.0.0.0Oracle Peoplesoft Enterprise Peopletools 8.58Oracle Enterprise Manager Base Platform 13.4.0.0Oracle Http Server 12.2.1.4.0Oracle Enterprise Manager For Storage Management 13.4.0.0Oracle Enterprise Manager Ops Center 12.4.0.0Oracle MysqlOracle Graalvm 19.3.4Oracle Graalvm 20.3.0Oracle Essbase 21.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook