CVE-2025-5781

MEDIUM

Hitachi Ops Center API Config Manager - Info Disclosure

Title source: llm

Description

Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configuration Manager, Hitachi Device Manager allows Session Hijacking.This issue affects Hitachi Ops Center API Configuration Manager: from 10.0.0-00 before 11.0.5-00; Hitachi Configuration Manager: from 8.5.1-00 before 11.0.5-00; Hitachi Device Manager: from 8.4.1-00 before 8.6.5-00.

References (1)

[Various Sources] https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2026-111/index.html

Scores

CVSS v3 5.2

EPSS 0.0001

EPSS Percentile 3.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-532

Status published

Products (4)

hitachi/configuration_manager 8.5.1-00

hitachi/configuration_manager 8.5.1-00 - 11.0.5-00

hitachi/device_manager 8.4.1-00 - 8.6.5-00

hitachi/ops_center_api_configuration_manager 10.0.0-00 - 11.0.5-00

Published Feb 25, 2026

Tracked Since Feb 25, 2026