CVE-2017-9294
CRITICALHitachi Device Manager <8.5.2-01 - Command Injection
Title source: llmDescription
RMI vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to execute internal commands without authentication via RMI ports.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-114/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/98765
Scores
CVSS v3
9.8
EPSS
0.0444
EPSS Percentile
89.2%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (1)
hitachi/device_manager
< 8.5.2
Published
May 29, 2017
Tracked Since
Feb 18, 2026