cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score CVE-2024-5828,https://securityvulnerability.io/vulnerability/CVE-2024-5828,Hitachi Tuning Manager Injection Vulnerability Allows Code Injection,"An Expression Language Injection vulnerability exists in Hitachi Tuning Manager, which operates across Windows, Linux, and Solaris platforms. This vulnerability can allow attackers to conduct code injection attacks, compromising the integrity of the application and potentially leading to unauthorized access or manipulation of data. The affected versions prior to 8.8.7-00 demonstrate insufficient validation of user input, enabling exploitation through crafted expressions. Organizations utilizing Hitachi Tuning Manager are urged to assess their environments for this vulnerability and apply appropriate security patches to mitigate risks and protect sensitive information.",Hitachi,Hitachi Tuning Manager,9.8,CRITICAL,0.001290000043809414,false,,false,false,false,,,false,false,,2024-08-06T02:21:38.553Z,0 CVE-2023-6457,https://securityvulnerability.io/vulnerability/CVE-2023-6457,File and Directory Permission Vulnerability in Hitachi Tuning Manager,"The Hitachi Tuning Manager for Windows contains an Incorrect Default Permissions vulnerability within its server component that could allow local users to read and write to certain files unchecked. This vulnerability raises significant security concerns, as it can lead to unauthorized data access and potential system compromises. Affected versions include those prior to 8.8.5-04. Users and administrators are urged to apply the necessary updates to mitigate risks associated with this safeguard lapse.",Hitachi,Hitachi Tuning Manager,7.1,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-16T01:00:33.447Z,0 CVE-2020-36695,https://securityvulnerability.io/vulnerability/CVE-2020-36695,File and Directory Permission Vulnerability in Hitachi Command Suite,"Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS components), Hitachi Compute Systems Manager on Linux allows File Manipulation.This issue affects Hitachi Device Manager: before 8.8.5-02; Hitachi Tiered Storage Manager: before 8.8.5-02; Hitachi Replication Manager: before 8.8.5-02; Hitachi Tuning Manager: before 8.8.5-02; Hitachi Compute Systems Manager: before 8.8.3-08. ",Hitachi,"Hitachi Device Manager,Hitachi Tiered Storage Manager,Hitachi Replication Manager,Hitachi Tuning Manager,Hitachi Compute Systems Manager",6.6,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-07-18T01:59:31.566Z,0 CVE-2020-36611,https://securityvulnerability.io/vulnerability/CVE-2020-36611,File and Directory Permission Vulnerability in Hitachi Tuning Manager,"Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-00. ",Hitachi,Hitachi Tuning Manager,6.6,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-01-17T01:21:48.024Z,0 CVE-2018-14735,https://securityvulnerability.io/vulnerability/CVE-2018-14735,,An Information Exposure issue was discovered in Hitachi Command Suite 8.5.3. A remote attacker may be able to exploit a flaw in the permission of messaging that may allow for information exposure via a crafted message.,Hitachi,"Compute Systems Manager,Device Manager,Replication Manager,Tiered Storage Manager,Tuning Manager",7.5,HIGH,0.0027199999894946814,false,,false,false,false,,,false,false,,2018-08-09T20:00:00.000Z,0 CVE-2014-4189,https://securityvulnerability.io/vulnerability/CVE-2014-4189,,Cross-site scripting (XSS) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.,Hitachi,"Tuning Manager,Jp1\/performance Management-manager Web Option",,,0.002199999988079071,false,,false,false,false,,,false,false,,2014-06-17T14:00:00.000Z,0 CVE-2014-4188,https://securityvulnerability.io/vulnerability/CVE-2014-4188,,Cross-site request forgery (CSRF) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.,Hitachi,"Tuning Manager,Jp1\/performance Management-manager Web Option",,,0.0015699999639764428,false,,false,false,false,,,false,false,,2014-06-17T14:00:00.000Z,0 CVE-2007-1853,https://securityvulnerability.io/vulnerability/CVE-2007-1853,,"Unspecified vulnerability in Hitachi JP1/HiCommand DeviceManager, Global Link Availability Manager, Replication Monitor, Tiered Storage Manager, and Tuning Manager allows local users to obtain authentication information via unspecified vectors.",Hitachi,"Jp1-hicommand Device Manager,Jp1-hicommand Replication Monitor,Jp1-hicommand Tiered Storage Manager,Jp1-hicommand Tuning Manager,Jp1-hicommand Global Link Availability Manager",,,0.001990000018849969,false,,false,false,false,,,false,false,,2007-04-03T16:00:00.000Z,0