Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Hitachi Ops Center OVA by Hitachi

    CVE-2024-45068 (GCVE-0-2024-45068)

    Vulnerability from nvd – Published: 2024-12-03 02:32 – Updated: 2024-12-03 15:54
    VLAI
    Title
    Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA
    Summary
    Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA. This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.3-00; Hitachi Ops Center OVA: from 10.9.3-00 before 11.0.2-01.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Hitachi Hitachi Ops Center Common Services Affected: 10.9.3-00 , < 11.0.3-00 (custom)
    Create a notification for this product.
    Hitachi Hitachi Ops Center OVA Affected: 10.9.3-00 , < 11.0.2-01 (custom)
    Create a notification for this product.
    hitachi ops_center_ova Affected: 10.9.3-00 , < 11.0.2-01 (custom)
        cpe:2.3:a:hitachi:ops_center_ova:*:*:*:*:*:*:*:*
    Create a notification for this product.
    hitachi ops_center_common_services Affected: 10.9.3-00 , < 11.0.3-00 (custom)
        cpe:2.3:a:hitachi:ops_center_common_services:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:hitachi:ops_center_ova:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ops_center_ova",
                "vendor": "hitachi",
                "versions": [
                  {
                    "lessThan": "11.0.2-01",
                    "status": "affected",
                    "version": "10.9.3-00",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:hitachi:ops_center_common_services:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ops_center_common_services",
                "vendor": "hitachi",
                "versions": [
                  {
                    "lessThan": "11.0.3-00",
                    "status": "affected",
                    "version": "10.9.3-00",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45068",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-03T14:30:59.837741Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-03T15:54:53.646Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Linux"
              ],
              "product": "Hitachi Ops Center Common Services",
              "vendor": "Hitachi",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "11.0.3-00",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.0.3-00",
                  "status": "affected",
                  "version": "10.9.3-00",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Linux"
              ],
              "product": "Hitachi Ops Center OVA",
              "vendor": "Hitachi",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "11.0.2-01",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.0.2-01",
                  "status": "affected",
                  "version": "10.9.3-00",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAuthentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.3-00; Hitachi Ops Center OVA: from 10.9.3-00 before 11.0.2-01.\u003c/p\u003e"
                }
              ],
              "value": "Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA.\n\n\nThis issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.3-00; Hitachi Ops Center OVA: from 10.9.3-00 before 11.0.2-01."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-114",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-114 Authentication Abuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1392",
                  "description": "CWE-1392 Use of Default Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-03T02:32:03.225Z",
            "orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
            "shortName": "Hitachi"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-149/index.html"
            }
          ],
          "source": {
            "advisory": "hitachi-sec-2024-149",
            "discovery": "UNKNOWN"
          },
          "title": "Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
        "assignerShortName": "Hitachi",
        "cveId": "CVE-2024-45068",
        "datePublished": "2024-12-03T02:32:03.225Z",
        "dateReserved": "2024-10-22T04:20:15.307Z",
        "dateUpdated": "2024-12-03T15:54:53.646Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-45068 (GCVE-0-2024-45068)

    Vulnerability from cvelistv5 – Published: 2024-12-03 02:32 – Updated: 2024-12-03 15:54
    VLAI
    Title
    Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA
    Summary
    Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA. This issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.3-00; Hitachi Ops Center OVA: from 10.9.3-00 before 11.0.2-01.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Hitachi Hitachi Ops Center Common Services Affected: 10.9.3-00 , < 11.0.3-00 (custom)
    Create a notification for this product.
    Hitachi Hitachi Ops Center OVA Affected: 10.9.3-00 , < 11.0.2-01 (custom)
    Create a notification for this product.
    hitachi ops_center_ova Affected: 10.9.3-00 , < 11.0.2-01 (custom)
        cpe:2.3:a:hitachi:ops_center_ova:*:*:*:*:*:*:*:*
    Create a notification for this product.
    hitachi ops_center_common_services Affected: 10.9.3-00 , < 11.0.3-00 (custom)
        cpe:2.3:a:hitachi:ops_center_common_services:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:hitachi:ops_center_ova:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ops_center_ova",
                "vendor": "hitachi",
                "versions": [
                  {
                    "lessThan": "11.0.2-01",
                    "status": "affected",
                    "version": "10.9.3-00",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:hitachi:ops_center_common_services:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ops_center_common_services",
                "vendor": "hitachi",
                "versions": [
                  {
                    "lessThan": "11.0.3-00",
                    "status": "affected",
                    "version": "10.9.3-00",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45068",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-03T14:30:59.837741Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-03T15:54:53.646Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Linux"
              ],
              "product": "Hitachi Ops Center Common Services",
              "vendor": "Hitachi",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "11.0.3-00",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.0.3-00",
                  "status": "affected",
                  "version": "10.9.3-00",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Linux"
              ],
              "product": "Hitachi Ops Center OVA",
              "vendor": "Hitachi",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "11.0.2-01",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "11.0.2-01",
                  "status": "affected",
                  "version": "10.9.3-00",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAuthentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.3-00; Hitachi Ops Center OVA: from 10.9.3-00 before 11.0.2-01.\u003c/p\u003e"
                }
              ],
              "value": "Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA.\n\n\nThis issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.3-00; Hitachi Ops Center OVA: from 10.9.3-00 before 11.0.2-01."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-114",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-114 Authentication Abuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1392",
                  "description": "CWE-1392 Use of Default Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-03T02:32:03.225Z",
            "orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
            "shortName": "Hitachi"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-149/index.html"
            }
          ],
          "source": {
            "advisory": "hitachi-sec-2024-149",
            "discovery": "UNKNOWN"
          },
          "title": "Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
        "assignerShortName": "Hitachi",
        "cveId": "CVE-2024-45068",
        "datePublished": "2024-12-03T02:32:03.225Z",
        "dateReserved": "2024-10-22T04:20:15.307Z",
        "dateUpdated": "2024-12-03T15:54:53.646Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }