Vulnerability Description
Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manager before 7.6.1-08 and 8.x before 8.1.2-00, as used in Hitachi Command Suite, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hitachi | Device Manager | <= 8.1.1 |
| Hitachi | Replication Manager | <= 8.1.1 |
| Hitachi | Tiered Storage Manager | <= 8.1.1 |
| Microsoft | Windows | All versions |
| Novell | Opensuse | All versions |
| Redhat | Enterprise Linux | All versions |
| Hitachi | Compute Systems Manager | <= 7.6.1 |
| Hitachi | Global Link Manager | <= 8.1.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/62579
- http://secunia.com/advisories/62584
- http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-001/indeVendor Advisory
- http://secunia.com/advisories/62579
- http://secunia.com/advisories/62584
- http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-001/indeVendor Advisory
FAQ
What is CVE-2015-1565?
CVE-2015-1565 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manager...
How severe is CVE-2015-1565?
CVE-2015-1565 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-1565?
Check the references section above for vendor advisories and patch information. Affected products include: Hitachi Device Manager, Hitachi Replication Manager, Hitachi Tiered Storage Manager, Microsoft Windows, Novell Opensuse.