CVE-2018-21033

5MEDIUM

Key Information:

Vendor: Hitachi
Status: Device Manager
Vendor: CVE Published:; 14 February 2020

Summary

A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00 and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets (CSS) token sequence. Hitachi Command Suite includes Hitachi Device Manager, Hitachi Tiered Storage Manager, Hitachi Replication Manager, Hitachi Tuning Manager, Hitachi Global Link Manager and Hitachi Compute Systems Manager.

References

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/

x_refsource_MISC

https://www.hitachi.co.jp/Prod/comp/soft1/global/security...

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 14, 2020
Vulnerability Reserved
Dec 11, 2019