Cross-site Scripting Vulnerability in Hitachi Infrastructure Analytics Advisor and Ops Center Analyzer
CVE-2025-66444

8.2HIGH

Key Information:

Vendor: Hitachi
Status: Hitachi Infrastructure Analytics Advisor; Hitachi Ops Center Analyzer
Vendor: CVE Published:; 24 December 2025

What is CVE-2025-66444?

A cross-site scripting vulnerability exists in the Hitachi Infrastructure Analytics Advisor and the Hitachi Ops Center Analyzer, impacting versions from 10.0.0-00 to 11.0.4-00. This vulnerability could allow an attacker to inject malicious scripts into web pages viewed by users. Successful exploitation may lead to unauthorized actions taken on behalf of users or the disclosure of sensitive information. Users are advised to upgrade to the latest version or apply security patches to mitigate this risk.

Affected Version(s)

Hitachi Infrastructure Analytics Advisor Linux 0

Hitachi Ops Center Analyzer Linux 10.0.0-00 < 11.0.5-00

References

https://www.hitachi.com/products/it/software/security/inf...

vendor-advisory

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 24, 2025
Vulnerability Reserved
Dec 1, 2025

JSON