Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manager before 7.6.1-08 and 8.x before 8.1.2-00, as used in Hitachi Command Suite, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
2015-02-09T17:59:05.373
2025-04-12T10:46:40.837
Deferred
CVSSv2: 4.3 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | hitachi | device_manager | ≤ 8.1.1 | Yes |
| Application | hitachi | replication_manager | ≤ 8.1.1 | Yes |
| Application | hitachi | tiered_storage_manager | ≤ 8.1.1 | Yes |
| Operating System | microsoft | windows | * | No |
| Operating System | novell | opensuse | * | No |
| Operating System | redhat | enterprise_linux | * | No |
| Application | hitachi | compute_systems_manager | ≤ 7.6.1 | Yes |
| Application | hitachi | compute_systems_manager | 8.0.0 | Yes |
| Application | hitachi | compute_systems_manager | 8.1.0 | Yes |
| Application | hitachi | compute_systems_manager | 8.1.1 | Yes |
| Application | hitachi | global_link_manager | ≤ 8.1.1 | Yes |
| Operating System | microsoft | windows | * | No |