CVE-2015-1565

Hitachi Device Manager <8.1.2-00 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manager before 7.6.1-08 and 8.x before 8.1.2-00, as used in Hitachi Command Suite, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (3)

Core 3

Core References

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/62579

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/62584

Vendor Advisory x_refsource_confirm

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-001/index.html

Scores

EPSS 0.0028

EPSS Percentile 51.1%

Details

CWE

CWE-79

Status published

Products (8)

hitachi/compute_systems_manager 8.0.0

hitachi/compute_systems_manager 8.1.0

hitachi/compute_systems_manager 8.1.1

hitachi/compute_systems_manager < 7.6.1

hitachi/device_manager < 8.1.1

hitachi/global_link_manager < 8.1.1

hitachi/replication_manager < 8.1.1

hitachi/tiered_storage_manager < 8.1.1

Published Feb 09, 2015

Tracked Since Feb 18, 2026