EUVD-2026-15186
GHSA-fx3v-mjwv-84rw
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
Lifecycle Timeline
3Tags
Description
Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor (Analytics probe component), Hitachi Ops Center Analyzer.This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.5-00.
Analysis
A Cross-Site Scripting (XSS) vulnerability exists in the Analytics probe component of Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer. The flaw allows authenticated attackers with low privileges to execute malicious scripts in users' browsers, potentially leading to high confidentiality impact, low integrity impact, and low availability impact due to the changed scope (CVSS 8.2). …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: inventory all Hitachi Analytics Advisor and Ops Center Analyzer deployments and restrict network access to trusted administrative networks only. Within 7 days: implement Web Application Firewall (WAF) rules to block script injection payloads to the Analytics probe component, enforce multi-factor authentication for all probe access, and disable the Analytics probe feature if operationally feasible. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today