JVNDB-2024-014918

[Japanese]
JVNDB-2024-014918
Authentication Bypass Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer
Overview
Authentication bypass vulnerability exists in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer.
CVSS Severity (What is CVSS?)
CVSS V3 Severity: Base Metrics 9.4 (Critical) [Vendor Score] Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality Impact: Low Integrity Impact: High Availability Impact: High
Affected Products

Hitachi, Ltd Hitachi Infrastructure Analytics Advisor (English version) Hitachi Ops Center Analyzer (English version)
Please refer to Vendor Information for more details.
Impact
Regarding the impact of the vulnerability, please refer to the vendor advisory.
Solution
Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action.
Vendor Information
Hitachi, Ltd Hitachi Software Vulnerability Information : hitachi-sec-2024-151
CWE (What is CWE?)
Missing Authentication for Critical Function(CWE-306) [NVD Evaluation]
CVE (What is CVE?)
CVE-2024-10205
References

Revision History
[2024/12/17] Web page was published

Authentication Bypass Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer