Man-in-the-middle attack Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer

CVE-2022-4895

8.6HIGH

Key Information

Vendor: Hitachi
Status: Hitachi Infrastructure Analytics Advisor; Hitachi Ops Center Analyzer
Vendor: CVE Published:; 28 February 2023

Summary

Improper Certificate Validation vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component) allows Man in the Middle Attack.This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.1-00.

Affected Version(s)

Hitachi Infrastructure Analytics Advisor <= 4.4.0-00

Hitachi Ops Center Analyzer < 10.9.1-00

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Risk change from: 8.1 to: 8.6 - (HIGH)
Feb 22, 2024
Vulnerability published.
Feb 28, 2023
Vulnerability Reserved.
Jan 23, 2023

Collectors

NVD DatabaseMitre Database