Reflrected Cross Site Scripting Vulnerability in Hitachi Ops Center Analyzer
CVE-2023-30469

7.6HIGH

Key Information:

Vendor: Hitachi
Status: Hitachi Ops Center Analyzer
Vendor: CVE Published:; 23 May 2023

Summary

A Cross-site Scripting vulnerability exists in the Hitachi Ops Center Analyzer, specifically in the detail view component. This vulnerability allows an attacker to execute arbitrary scripts in the context of the user's browser session via reflected XSS attacks. Users with versions prior to 10.9.2-00 are at risk, making it crucial for administrators to implement updates and mitigations to secure their systems against potential exploitation.

Affected Version(s)

Hitachi Ops Center Analyzer Linux 10.9.1-00 < 10.9.2-00

References

https://www.hitachi.com/products/it/software/security/inf...

vendor-advisory

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
May 23, 2023
Vulnerability Reserved
Apr 11, 2023