Cascading Style Sheets Vulnerability in Hitachi Command Suite and Related Products
CVE-2018-21033

5MEDIUM

Key Information:

Vendor: Hitachi
Status: Device Manager
Vendor: CVE Published:; 14 February 2020

Summary

The vulnerability allows authenticated remote users to exploit arbitrary Cascading Style Sheets (CSS) token sequences in several Hitachi products. This exposure can lead to unauthorized actions or modifications, presenting significant security risks for organizations using these systems. Users of Hitachi Command Suite, Automation Director, and Infrastructure Analytics Advisor versions prior to the specified releases should take precautions to mitigate potential threats related to this issue.

References

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/

x_refsource_MISC

https://www.hitachi.co.jp/Prod/comp/soft1/global/security...

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 14, 2020
Vulnerability Reserved
Dec 11, 2019