CVE-2022-4895

EUVD-2022-52152
Improper Certificate Validation vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component) allows Man in the Middle Attack.This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.1-00.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
HitachiCNA
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
Affected Products (NVD)
VendorProductVersion
hitachiinfrastructure_analytics_advisor
2.0.0-00 ≤
𝑥
< 10.9.1-00
hitachiops_center_analyzer
10.0.0-00 ≤
𝑥
< 10.9.1-00
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-105/index.html
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-105/index.html