Man-in-the-middle attack Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer
CVE-2022-4895

8.6HIGH

Key Information:

Vendor: Hitachi
Status: Hitachi Infrastructure Analytics Advisor; Hitachi Ops Center Analyzer
Vendor: CVE Published:; 28 February 2023

Summary

An improper certificate validation vulnerability exists in the Hitachi Infrastructure Analytics Advisor and Ops Center Analyzer, specifically within their Analytics probe and Analyzer probe components. This flaw could potentially allow a Man in the Middle (MitM) attack, where malicious actors can intercept and manipulate the data being communicated between the client and the server. Users of affected versions should consider immediate remediation to protect their data integrity and confidentiality.

Affected Version(s)

Hitachi Infrastructure Analytics Advisor Linux 2.0.0-00 <= 4.4.0-00

Hitachi Ops Center Analyzer Linux 10.0.0-00 < 10.9.1-00

References

https://www.hitachi.com/products/it/software/security/inf...

vendor-advisory

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 28, 2023
Vulnerability Reserved
Jan 23, 2023

Collectors

NVD DatabaseMitre Database