Lucene search

[email protected]CVE-2015-1565

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2015-1565

2022-10-0316:15:51

CWE-79

[email protected]

web.nvd.nist.gov

cve-2015-1565

cross-site scripting

xss

hitachi

device manager

tiered storage manager

replication manager

global link manager

hitachi command suite

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.8%

JSON

Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manager before 7.6.1-08 and 8.x before 8.1.2-00, as used in Hitachi Command Suite, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

hitachidevice_managerRange≤8.1.1

hitachireplication_managerRange≤8.1.1

hitachitiered_storage_managerRange≤8.1.1

AND

microsoftwindows

novellopensuse

redhatenterprise_linux

Node

hitachicompute_systems_managerRange≤7.6.1

hitachicompute_systems_managerMatch8.0.0

hitachicompute_systems_managerMatch8.1.0

hitachicompute_systems_managerMatch8.1.1

hitachiglobal_link_managerRange≤8.1.1

AND

microsoftwindows

CPENameOperatorVersion
hitachi:device_managerhitachi device managerle8.1.1
hitachi:replication_managerhitachi replication managerle8.1.1
hitachi:tiered_storage_managerhitachi tiered storage managerle8.1.1

CPE	Name	Operator	Version
hitachi:device_manager	hitachi device manager	le	8.1.1
hitachi:replication_manager	hitachi replication manager	le	8.1.1
hitachi:tiered_storage_manager	hitachi tiered storage manager	le	8.1.1

References

secunia.com/advisories/62579

secunia.com/advisories/62584

www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-001/index.html

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.8%

JSON

Related for CVE-2015-1565

cvelist1 nvd1 prion1