This page lists publicly disclosed CVE vulnerabilities affecting hitachi device_manager (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-5781 | Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configuration Manager, Hitachi Device Manager allows Session Hijacking.This issue affects Hitachi Ops Center API Configuration Manager: from 10.0.0-00 before 11.0.5-00; Hitachi Configuration Manager: from 8.5.1-00 before 11.0.5-00; Hitachi Device Manager: from 8.4.1-00 before 8.6.5-00. | [email protected] | 5.2 | 0.01% | 2026-02-25 | 2026-02-27 |
| CVE-2023-49107 | Generation of Error Message Containing Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent modules).This issue affects Hitachi Device Manager: before 8.8.5-04. | [email protected] | 5.3 | 0.10% | 2024-01-16 | 2024-11-21 |
| CVE-2023-49106 | Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before 8.8.5-04. | [email protected] | 4.6 | 0.08% | 2024-01-16 | 2024-11-21 |
| CVE-2023-34143 | Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before 8.8.5-02. | [email protected] | 5.6 | 0.07% | 2023-07-18 | 2024-11-21 |
| CVE-2023-34142 | Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Interception.This issue affects Hitachi Device Manager: before 8.8.5-02. | [email protected] | 9.0 | 0.11% | 2023-07-18 | 2024-11-21 |
| CVE-2020-36695 | Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS components), Hitachi Compute Systems Manager on Linux allows File Manipulation.This issue affects Hitachi Device Manager: before 8.8.5-02; Hitachi Tiered Storage | [email protected] | 6.6 | 0.04% | 2023-07-18 | 2024-11-21 |
| CVE-2018-21033 | A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00 and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets (CSS) token sequence. Hitachi Command Suite includes Hitachi Device Manager, Hitachi Tiered Storage Manager, Hitachi Replication Manager, Hitachi Tuning Manager, Hitachi Global Link Manager and Hitachi Compute Systems Manager. | [email protected] | 6.5 | 0.11% | 2020-02-14 | 2024-11-21 |
| CVE-2018-21032 | A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and Hitachi Automation Director prior to 8.5.0-00 allow authenticated remote users to expose technical information through error messages. Hitachi Command Suite includes Hitachi Device Manager and Hitachi Compute Systems Manager. | [email protected] | 4.3 | 0.21% | 2020-02-14 | 2024-11-21 |
| CVE-2019-17360 | A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 allows an unauthenticated remote user to trigger a denial of service (DoS) condition because of Uncontrolled Resource Consumption. | [email protected] | 7.5 | 0.71% | 2019-11-12 | 2024-11-21 |
| CVE-2018-21026 | A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.6.5-00 allows an unauthenticated remote user to read internal information. | [email protected] | 7.5 | 0.47% | 2019-11-12 | 2024-11-21 |
| CVE-2018-14735 | An Information Exposure issue was discovered in Hitachi Command Suite 8.5.3. A remote attacker may be able to exploit a flaw in the permission of messaging that may allow for information exposure via a crafted message. | [email protected] | 7.5 | 0.31% | 2018-08-09 | 2024-11-21 |
| CVE-2017-9298 | Cross-site scripting vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to execute arbitrary JavaScript code. | [email protected] | 5.4 | 0.20% | 2017-05-29 | 2026-05-13 |
| CVE-2017-9297 | Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to redirect users to arbitrary web sites. | [email protected] | 6.1 | 0.19% | 2017-05-29 | 2026-05-13 |
| CVE-2017-9296 | Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Tuning Manager before 8.5.2-00 allows remote attackers to redirect authenticated users to arbitrary web sites. | [email protected] | 6.1 | 0.19% | 2017-05-29 | 2026-05-13 |
| CVE-2017-9295 | XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to read arbitrary files. | [email protected] | 6.5 | 0.17% | 2017-05-29 | 2026-05-13 |
| CVE-2017-9294 | RMI vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to execute internal commands without authentication via RMI ports. | [email protected] | 9.8 | 4.44% | 2017-05-29 | 2026-05-13 |
| CVE-2015-1565 | Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manager before 7.6.1-08 and 8.x before 8.1.2-00, as used in Hitachi Command Suite, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 0.30% | 2015-02-09 | 2026-05-06 |