Multiple Vulnerabilities in JP1/Cm2/Network Node Manager i


JP1/Cm2/Network Node Manager i contains cross-site scripting and execution of arbitrary code vulnerabilities.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 9.3 (High) [Vendor Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: Complete
  • Integrity Impact: Complete
  • Availability Impact: Complete
Affected Products

Hitachi, Ltd
  • JP1/Cm2/Network Node Manager i
  • JP1/Cm2/Network Node Manager i Advanced

Please refer to HS14-025 provided by Hitachi for more details.

An attacker could inject arbitrary web script and execute arbitrary code.

Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action.
Vendor Information

Hitachi, Ltd
  • Hitachi Software Vulnerability Information : HS14-025
CWE (What is CWE?)

  1. Cross-site Scripting(CWE-79) [IPA Evaluation]
CVE (What is CVE?)


Revision History

  • [2014/12/16]
      Web page was published
      CVSS Severity was modified