Hitachi Device Manager vulnerabilities
17 known vulnerabilities affecting hitachi/device_manager.
Total CVEs
17
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH8MEDIUM8
Vulnerabilities
Page 1 of 1
CVE-2017-9294P2CRITICALCVSS 9.8≤ 8.5.22017-05-29
CVE-2017-9294 [CRITICAL] CVE-2017-9294: RMI vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to execute inter
RMI vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to execute internal commands without authentication via RMI ports.
nvd
CVE-2023-49106P3HIGHCVSS 7.5fixed in 8.8.5-042024-01-16
CVE-2023-49106 [HIGH] CWE-549 CVE-2023-49106: Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Man
Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before 8.8.5-04.
nvd
CVE-2023-34143P3HIGHCVSS 8.1fixed in 8.8.5-022023-07-18
CVE-2023-34143 [HIGH] CWE-297 CVE-2023-34143: Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Win
Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before 8.8.5-02.
nvd
CVE-2018-21026P3HIGHCVSS 7.5≥ 7.0.0, < 8.6.5-002019-11-12
CVE-2018-21026 [HIGH] CWE-200 CVE-2018-21026: A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.6.5-00 allows an unauthenticated remot
A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.6.5-00 allows an unauthenticated remote user to read internal information.
nvd
CVE-2020-36695P3HIGHCVSS 7.8fixed in 8.8.5-022023-07-18
CVE-2020-36695 [HIGH] CWE-276 CVE-2020-36695: Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Serve
Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS
components), Hi
nvd
CVE-2023-34142P3HIGHCVSS 7.5fixed in 8.8.5-022023-07-18
CVE-2023-34142 [HIGH] CWE-319 CVE-2023-34142: Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows,
Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Interception.This issue affects Hitachi Device Manager: before 8.8.5-02.
nvd
CVE-2019-17360P3HIGHCVSS 7.5≥ 7.0.0-00, < 8.7.0-002019-11-12
CVE-2019-17360 [HIGH] CWE-400 CVE-2019-17360: A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 allows an unauthenticated remot
A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 allows an unauthenticated remote user to trigger a denial of service (DoS) condition because of Uncontrolled Resource Consumption.
nvd
CVE-2023-49107P3HIGHCVSS 7.5fixed in 8.8.5-042024-01-16
CVE-2023-49107 [HIGH] CWE-209 CVE-2023-49107: Generation of Error Message Containing Sensitive Information vulnerability in Hitachi Device Manager
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent modules).This issue affects Hitachi Device Manager: before 8.8.5-04.
nvd
CVE-2018-14735P3HIGHCVSS 7.5≥ 7.0.0-00, < 8.6.1-022018-08-09
CVE-2018-14735 [HIGH] CWE-200 CVE-2018-14735: An Information Exposure issue was discovered in Hitachi Command Suite 8.5.3. A remote attacker may b
An Information Exposure issue was discovered in Hitachi Command Suite 8.5.3. A remote attacker may be able to exploit a flaw in the permission of messaging that may allow for information exposure via a crafted message.
nvd
CVE-2017-9295P3MEDIUMCVSS 6.5≤ 8.5.22017-05-29
CVE-2017-9295 [MEDIUM] CWE-611 CVE-2017-9295: XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8
XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to read arbitrary files.
nvd
CVE-2018-21033P3MEDIUMCVSS 6.5fixed in 8.6.2-002020-02-14
CVE-2018-21033 [MEDIUM] CWE-20 CVE-2018-21033: A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6
A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00 and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets (CSS) token sequence. Hitachi Command Suite includes Hitachi Device Manager, Hitachi Tiered Storage Manage
nvd
CVE-2017-9296P4MEDIUMCVSS 6.1≤ 8.5.22017-05-29
CVE-2017-9296 [MEDIUM] CWE-601 CVE-2017-9296: Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Tuning Manager bef
Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Tuning Manager before 8.5.2-00 allows remote attackers to redirect authenticated users to arbitrary web sites.
nvd
CVE-2025-5781P4MEDIUMCVSS 5.2≥ 8.4.1-00, < 8.6.5-002026-02-25
CVE-2025-5781 [MEDIUM] CWE-532 CVE-2025-5781: Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configur
Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configuration Manager, Hitachi Device Manager allows Session Hijacking.This issue affects Hitachi Ops Center API Configuration Manager: from 10.0.0-00 before 11.0.5-00; Hitachi Configuration Manager: from 8.5.1-00 before 11.0.5-00; Hitachi Device Manager: from
nvd
CVE-2017-9298P4MEDIUMCVSS 5.4≤ 8.5.22017-05-29
CVE-2017-9298 [MEDIUM] CWE-79 CVE-2017-9298: Cross-site scripting vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication
Cross-site scripting vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to execute arbitrary JavaScript code.
nvd
CVE-2017-9297P4MEDIUMCVSS 6.1≤ 8.5.22017-05-29
CVE-2017-9297 [MEDIUM] CWE-601 CVE-2017-9297: Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to red
Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to redirect users to arbitrary web sites.
nvd
CVE-2015-1565P4MEDIUMCVSS 4.3≤ 8.1.12015-02-09
CVE-2015-1565 [MEDIUM] CWE-79 CVE-2015-1565: Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storag
Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manager before 7.6.1-08 and 8.x before 8.1.2-00, as used in Hitachi Command Suite, allows remote attackers to inject arbitrary web script or HTML via unspecified
nvd
CVE-2018-21032P4MEDIUMCVSS 4.3≥ 7.0.0-00, < 8.7.1-002020-02-14
CVE-2018-21032 [MEDIUM] CWE-209 CVE-2018-21032: A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and Hitachi Automation Director prior to
A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and Hitachi Automation Director prior to 8.5.0-00 allow authenticated remote users to expose technical information through error messages. Hitachi Command Suite includes Hitachi Device Manager and Hitachi Compute Systems Manager.
nvd