Lucene search

HitachiCVE-2023-30469

HistoryMay 23, 2023 - 2:15 a.m.

CVE-2023-30469

2023-05-2302:15:10

CWE-79

Hitachi

web.nvd.nist.gov

cve-2023-30469

cross-site scripting

hitachi ops center analyzer

reflected xss

security vulnerability

nvd

cve

CVSS3

7.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

EPSS

0.001

Percentile

18.4%

JSON

Cross-site Scripting vulnerability in Hitachi Ops Center Analyzer (Hitachi Ops Center Analyzer detail view component) allows Reflected XSS.This issue affects Hitachi Ops Center Analyzer: from 10.9.1-00 before 10.9.2-00.

Affected configurations

Nvd

Node

hitachiops_center_analyzerMatch10.9.1-00

AND

linuxlinux_kernelMatch-x64

VendorProductVersionCPE
hitachiops_center_analyzer10.9.1-00cpe:2.3:a:hitachi:ops_center_analyzer:10.9.1-00:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:x64:*

Vendor	Product	Version	CPE
hitachi	ops_center_analyzer	10.9.1-00	cpe:2.3:a:hitachi:ops_center_analyzer:10.9.1-00:::::::*
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-::::::x64:

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Hitachi Ops Center Analyzer detail view"
    ],
    "platforms": [
      "Linux",
      "64 bit"
    ],
    "product": "Hitachi Ops Center Analyzer",
    "vendor": "Hitachi",
    "versions": [
      {
        "changes": [
          {
            "at": "10.9.2-00",
            "status": "unaffected"
          }
        ],
        "lessThan": "10.9.2-00",
        "status": "affected",
        "version": "10.9.1-00",
        "versionType": "custom"
      }
    ]
  }
]

References

www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-115/index.html