ID
VAR-201412-0695
TITLE
Multiple Hitachi Products Cross Site Scripting and Arbitrary Code Execution Vulnerabilities
Trust: 0.3
DESCRIPTION
Multiple Hitachi Products are prone to a cross-site scripting vulnerability and an arbitrary-code execution vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and steal cookie-based authentication credentials or execute arbitrary code within the context of the vulnerable application.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | hitachi | model: | jp1/cm2/network node manager i advanced | scope: | eq | version: | 10-10 | Trust: 1.2 |
| vendor: | hitachi | model: | jp1/cm2/network node manager i advanced | scope: | eq | version: | 10-00-03 | Trust: 1.2 |
| vendor: | hitachi | model: | jp1/cm2/network node manager i advanced | scope: | eq | version: | 10-00-02 | Trust: 1.2 |
| vendor: | hitachi | model: | jp1/cm2/network node manager i advanced | scope: | eq | version: | 09-50-05 | Trust: 1.2 |
| vendor: | hitachi | model: | jp1/cm2/network node manager i advanced | scope: | eq | version: | 09-50-04 | Trust: 1.2 |
| vendor: | hitachi | model: | jp1/cm2/network node manager i | scope: | eq | version: | 10-10 | Trust: 1.2 |
| vendor: | hitachi | model: | jp1/cm2/network node manager i | scope: | eq | version: | 10-00-03 | Trust: 1.2 |
| vendor: | hitachi | model: | jp1/cm2/network node manager i | scope: | eq | version: | 10-00-02 | Trust: 1.2 |
| vendor: | hitachi | model: | jp1/cm2/network node manager i | scope: | eq | version: | 09-50-05 | Trust: 1.2 |
| vendor: | hitachi | model: | jp1/cm2/network node manager i advanced | scope: | ne | version: | 10-50 | Trust: 1.2 |
| vendor: | hitachi | model: | jp1/cm2/network node manager i | scope: | ne | version: | 10-50 | Trust: 1.2 |
| vendor: | hitachi | model: | jp1/cm2/network node manager i | scope: | eq | version: | 09-50-04 | Trust: 0.9 |
THREAT TYPE
network
Trust: 0.3
TYPE
Input Validation Error
Trust: 0.3
EXTERNAL IDS
| db: | HITACHI | id: | HS14-025 | Trust: 0.3 |
| db: | BID | id: | 71973 | Trust: 0.3 |
REFERENCES
| url: | http://www.hitachi.com/ | Trust: 0.3 |
| url: | http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs14-025/index.html | Trust: 0.3 |
CREDITS
The vendor reported this issue.
Trust: 0.3
SOURCES
| db: | BID | id: | 71973 |
LAST UPDATE DATE
2022-05-17T01:43:21.429000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 71973 | date: | 2014-12-12T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 71973 | date: | 2014-12-12T00:00:00 |