Skip to main content

Device Manager CVE-2025-30024

| EUVDEUVD-2025-21111 MEDIUM
Improper Certificate Validation (CWE-295)
2025-07-11 product-security@axis.com
6.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.8 MEDIUM
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

4
Patch available
Apr 16, 2026 - 05:29 EUVD
5.32
EUVD ID Assigned
Mar 16, 2026 - 08:17 euvd
EUVD-2025-21111
Analysis Generated
Mar 16, 2026 - 08:17 vuln.today
CVE Published
Jul 11, 2025 - 06:15 nvd
MEDIUM 6.8

DescriptionCVE.org

The communication protocol used between client and server had a flaw that could be leveraged to execute a man in the middle attack.

Analysis

The communication protocol used between client and server had a flaw that could be leveraged to execute a man in the middle attack.

Technical ContextAI

This vulnerability is classified as Improper Certificate Validation (CWE-295).

RemediationAI

Monitor vendor advisories for patches. Apply mitigations such as network segmentation, access restrictions, and monitoring.

CVE-2023-50916 HIGH POC
7.2 Jan 10

Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposure during UNC path authentication via a crafted ch

CVE-2017-9294 CRITICAL
9.8 May 29

RMI vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to execute internal commands without

CVE-2025-30023 CRITICAL
9.0 Jul 11

CVE-2025-30023 is a critical remote code execution vulnerability in a client-server communication protocol that allows a

CVE-2023-34143 HIGH
8.1 Jul 18

Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device

CVE-2025-30025 HIGH
7.8 Jul 11

CVE-2025-30025 is a local privilege escalation vulnerability in the inter-process communication (IPC) protocol between a

CVE-2018-11748 HIGH
7.8 Oct 02

Previous releases of the Puppet device_manager module creates configuration files containing credentials that are world

CVE-2023-34142 HIGH
7.5 Jul 18

Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manage

CVE-2019-17360 HIGH
7.5 Nov 12

A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 allows an unauthenticated remote user to trigger a

CVE-2018-14735 HIGH
7.5 Aug 09

An Information Exposure issue was discovered in Hitachi Command Suite 8.5.3. Rated high severity (CVSS 7.5), this vulner

CVE-2017-9295 MEDIUM
6.5 May 29

XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authe

CVE-2017-9297 MEDIUM
6.1 May 29

Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to redirect users to arbit

CVE-2017-9296 MEDIUM
6.1 May 29

Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Tuning Manager before 8.5.2-00 allows

Share

CVE-2025-30024 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy