Skip to main content

Configuration Manager CVE-2025-0976

MEDIUM
Insertion of Sensitive Information into Log File (CWE-532)
2026-02-25 hirt@hitachi.co.jp
4.7
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.7 MEDIUM
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
CVE Published
Feb 25, 2026 - 05:17 nvd
MEDIUM 4.7

DescriptionCVE.org

Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configuration Manager.This issue affects Hitachi Ops Center API Configuration Manager: from 10.0.0-00 before 11.0.4-00; Hitachi Configuration Manager: from 8.6.1-00 before 11.0.5-00.

AnalysisAI

Configuration Manager versions up to 11.0.4-00 is affected by insertion of sensitive information into log file (CVSS 4.7).

Technical ContextAI

This vulnerability (CWE-532: Insertion of Sensitive Information into Log File) affects Configuration Manager. Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configuration Manager.This issue affects Hitachi Ops Center API Configuration Manager: from 10.0.0-00 before 11.0.4-00; Hitachi Configuration Manager: from 8.6.1-00 before 11.0.5-00.

RemediationAI

Monitor vendor advisories for a patch.

CVE-2017-5645 CRITICAL POC
9.8 Apr 17

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events

CVE-2016-2381 HIGH
7.5 Apr 08

Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate e

CVE-2019-6957 CRITICAL
9.8 May 29

A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DI

CVE-2019-6958 CRITICAL
9.1 May 29

A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DI

CVE-2020-10878 HIGH
8.6 Jun 05

Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. Rated h

CVE-2020-10543 HIGH
8.2 Jun 05

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers

CVE-2022-35415 HIGH
7.8 Sep 16

An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged user to potentially e

CVE-2020-12723 HIGH
7.5 Jun 05

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_c

CVE-2020-2984 HIGH
7.1 Jul 15

Vulnerability in the Oracle Configuration Manager product of Oracle Enterprise Manager (component: Discovery and collect

CVE-2023-35867 MEDIUM
5.9 Dec 18

An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthe

CVE-2025-5781 MEDIUM
5.2 Feb 25

Configuration Manager versions up to 11.0.5-00 is affected by insertion of sensitive information into log file (CVSS 5.2

Share

CVE-2025-0976 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy