CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
52.7%
Cross-site request forgery (CSRF) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
hitachi | jp1\/performance_management-manager_web_option | 07-00 | cpe:2.3:a:hitachi:jp1\/performance_management-manager_web_option:07-00:*:*:*:*:solaris:*:* |
hitachi | jp1\/performance_management-manager_web_option | 07-00 | cpe:2.3:a:hitachi:jp1\/performance_management-manager_web_option:07-00:*:*:*:*:windows:*:* |
hitachi | jp1\/performance_management-manager_web_option | 07-54 | cpe:2.3:a:hitachi:jp1\/performance_management-manager_web_option:07-54:*:*:*:*:solaris:*:* |
hitachi | jp1\/performance_management-manager_web_option | 07-54 | cpe:2.3:a:hitachi:jp1\/performance_management-manager_web_option:07-54:*:*:*:*:windows:*:* |
hitachi | tuning_manager | 6.0.0 | cpe:2.3:a:hitachi:tuning_manager:6.0.0:*:*:*:*:solaris:*:* |
hitachi | tuning_manager | 6.0.0 | cpe:2.3:a:hitachi:tuning_manager:6.0.0:*:*:*:*:windows:*:* |
hitachi | tuning_manager | 7.1.0 | cpe:2.3:a:hitachi:tuning_manager:7.1.0:*:*:*:*:linux_kernel:*:* |
hitachi | tuning_manager | 7.6.1 | cpe:2.3:a:hitachi:tuning_manager:7.6.1:*:*:*:*:solaris:*:* |
hitachi | tuning_manager | 7.6.1 | cpe:2.3:a:hitachi:tuning_manager:7.6.1:05:*:*:*:solaris:*:* |
hitachi | tuning_manager | 8.0.0 | cpe:2.3:a:hitachi:tuning_manager:8.0.0:*:*:*:*:linux_kernel:*:* |