ID
VAR-201302-0583
TITLE
Hitachi Multiple Products Cross Site Request Forgery Vulnerability
Trust: 0.6
sources:
CNVD: CNVD-2013-01120
DESCRIPTION
Because the application allows users to perform certain operations through unauthenticated HTTP requests, an attacker could use the vulnerability to perform certain operations by tricking an administrator user into a malicious URL. Multiple Hitachi products have security vulnerabilities that allow attackers to use the vulnerabilities for cross-site scripting attacks. Attackers can construct malicious URIs to trick users into parsing, gaining sensitive information, or hijacking user sessions
Trust: 1.08
sources:
CNVD: CNVD-2013-01120 //
CNVD: CNVD-2013-01119
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 1.2 |
sources:
CNVD: CNVD-2013-01120 //
CNVD: CNVD-2013-01119
AFFECTED PRODUCTS
| vendor: | hitachi | model: | jp1/performance management | scope: | - | version: | - | Trust: 1.2 |
| vendor: | hitachi | model: | tuning manager | scope: | eq | version: | 7.x | Trust: 1.2 |
| vendor: | hitachi | model: | tuning manager | scope: | eq | version: | 6.x | Trust: 1.2 |
sources:
CNVD: CNVD-2013-01120 //
CNVD: CNVD-2013-01119
PATCH
| title: | Patch for Hitachi Multiple Products Cross Site Request Forgery Vulnerability | url: | https://www.cnvd.org.cn/patchinfo/show/31996 | Trust: 0.6 |
| title: | Patch for Hitachi Multiple Product Cross-Site Scripting Vulnerability | url: | https://www.cnvd.org.cn/patchinfo/show/31995 | Trust: 0.6 |
sources:
CNVD: CNVD-2013-01120 //
CNVD: CNVD-2013-01119
EXTERNAL IDS
| db: | SECUNIA | id: | 52263 | Trust: 1.2 |
| db: | CNVD | id: | CNVD-2013-01120 | Trust: 0.6 |
| db: | CNVD | id: | CNVD-2013-01119 | Trust: 0.6 |
sources:
CNVD: CNVD-2013-01120 //
CNVD: CNVD-2013-01119
REFERENCES
| url: | http://secunia.com/advisories/52263/ | Trust: 1.2 |
sources:
CNVD: CNVD-2013-01120 //
CNVD: CNVD-2013-01119
SOURCES
| db: | CNVD | id: | CNVD-2013-01120 |
| db: | CNVD | id: | CNVD-2013-01119 |
LAST UPDATE DATE
2022-05-17T01:55:58.144000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2013-01120 | date: | 2013-02-21T00:00:00 |
| db: | CNVD | id: | CNVD-2013-01119 | date: | 2013-02-21T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2013-01120 | date: | 2013-02-21T00:00:00 |
| db: | CNVD | id: | CNVD-2013-01119 | date: | 2013-02-21T00:00:00 |